|
|
The use of federated learning in the field of security on Android OS
Szüč, Martin ; Myška, Vojtěch (referee) ; Michálek, Jakub (advisor)
This thesis explores the use of federated learning in the context of cybersecurity, specifically in detecting phishing attacks via email on the Android operating system. The~theoretical part of the thesis deals with concepts of federated learning, machine learning, and various phishing techniques. The main goal of the practical part is to design and implement a mobile application that uses federated learning to train machine learning models. This application is designed to detect phishing emails while ensuring that the content of the emails is not sent to a central server, thereby protecting users' sensitive data. The~thesis includes the design of the application architecture, integration of Python modules, processing and classification of emails, and implementation of federated learning. The results of the application testing demonstrate the effectiveness of the proposed solution in detecting phishing attacks while also highlighting the privacy benefits provided by federated learning.
|
|
|
Web application module for the design of cybersecurity curricula
Hrachovina, Jiří ; Sikora, Marek (referee) ; Ricci, Sara (advisor)
Tato práce se zaměřuje na vylepšení webové aplikace REWIRE Cybersecurity Profiler integrací algoritmu strojového učení na analýzu popisů kurzů. Tento komponent umožnuje automatickou analýzu popisů kurzů a propojuje výstupní dovednostní skupiny s profily ENISA ECSF. Práce také navrhuje několik vylepšení existující aplikace a to implementaci funkčních URL, vizualizaci návštěvnických dat skrze grafy, generování popisů kurzů pomocí ChatGPT a optimalizaci prvků uživatelského rozhraní. Práce také obsahuje demonstraci aplikace a její užitečnosti v navrhování studijních programů.
|
|
|
SRv6 protocol and its use in education
Považan, Martin ; Zeman, Václav (referee) ; Slavíček, Karel (advisor)
SRv6 je protokol novej generácie, ktorý kombinuje segmentové smerovanie a IPv6 pomocou flexibilných rozširujúcich hlavičiek IPv6. SRv6 je plynulo implementovaný v súčasných chrbticových sieťach poskytovateľov služieb a jeho cieľom je stať sa nástupcom v súčasnosti používaného protokolu MPLS. Táto bakalárska práca analyzuje protokol SRv6 a opisuje jeho možnosti zabezpečenia a emulácie. Protokol SRv6 je analyzovaný a porovnávaný s protokolom MPLS z hľadiska kybernetickej bezpečnosti. V praktickej časti bolo navrhnuté laboratórne cvičenie demonštrujúce vlastnosti protokolu SRv6 s využitím emulátora siete Containerlab.
|
|
|
Honeypot for operational technology
Tydlačková, Julie ; Holasová, Eva (referee) ; Blažek, Petr (advisor)
This bachelor thesis discusses the challenges associated with the deploying a honeypot for operational technologies protocols. Specifically, it examines the current situation regarding the OPC UA protocol. Despite its proliferation, reliable implementations for the OPC UA honeypots still do not exist. To address this gap, a simple honeypot design was created and implemented. It was built on the honeynet project. The knowledge necessary for this implementation was gained from the analysis of existing honeypots and theoretical insights.
|
|
|
Impact of AI Tools on Code Quality and Security
Vinarčík, Peter ; Holop, Patrik (referee) ; Malinka, Kamil (advisor)
Táto práca predstavuje novovytvorenú aplikáciu, ktorá je schopná vykonávať large scale výskum pre hodnotenie bezpečnosti a kvality kódu generovaného AI. Tiež bol predstavený nový spôsob vyhodnocovania bezpečnosti kódu generovaného AI, za využitia MITRE's metodológie v kombinácii so SAST toolmi vykonávajúcimi statickú analýzu nad kódom. Aplikácia je navyše rozšírená o vylepšeného AI chatbota, ktorého výstup je obohatený o výsledky statickej analýzy v čase generovania. Užívateľ vloží dataset promptov do aplikácie, a v prípade, že bol pre určitý prompt vygenerovaný kód so zraniteľnosťou, je táto zraniteľnosť ohodnotená zavedenou metodológiou a užívateľ dostáva informáciu nie len o tom, že kód je zraniteľný, ale ako veľmi. Súčasťou riešenia je aj oproti existujúcim výskumom veľké, pilotné testovanie popularných AI ako ChatGPT-4 či Gemini, nad datasetom promptov s využitím novej aplikácie. Výsledky ukázali dominanciu ChatGPT-4 bežiacom na modeli GPT-4, oproti ostatným testovaným AI.
|
|
|
Quality assurance of RHEL systems with a high level of security
Javorský, Lukáš ; Matěj,, Týč (referee) ; Sedlák, Petr (advisor)
Cieľom diplomovej práce je vyvinúť proces zabezpečenia kvality pre operačné systémy RHEL s vysokou úrovňou zabezpečenia. Táto práca je vedená snahou vytvoriť používateľsky prívetivé testovacie prostredie pre inžinierov kvality, ktoré im umožní jednoducho overiť funkčnosť systémových balíkov aj v prostredí zabezpečeného testovaného systému. Dosia\-hnutý výsledok bol realizovaný integráciou existujúceho softvérového portfólia spoločnosti Red Hat, konkrétne aplikáciami Image Builder a OpenSCAP, čo viedlo k vytvoreniu predpripravených zabezpečených virtuálnych strojov. Následne integrácia s aplikáciou na správu testov Testing Farm spoločnosti Red Hat slúži na zjednodušenie poskytovania cloudového virtuálneho stroja a poskytovanie zavedeného testovacieho prostredia.
|
|
|
A feedback profiling model for cybersecurity education and training
Lazarov, Willi ; Kuchař, Karel (referee) ; Martinásek, Zdeněk (advisor)
The need to educate users to some extent in cybersecurity is undeniable given the ever-increasing cyber threats. However, the approach to education and training cannot be simply generalized due to the different environments, technical backgrounds, and age groups of users. In addition, it is also important to proactively monitor, evaluate, and provide feedback to the individuals being taught or trained. The master's thesis addresses these challenges through the research and development of a feedback profiling model for effective cybersecurity education and training. The thesis first begins with a discussion of methods and techniques for cybersecurity education. Subsequently, the problem addressed is described in more detail, followed by the design of the proposed solution in the form of the profiling model with automatic feedback. The model, which consists of a profiling matrix, a profiling algorithm, and a learning curve, was first created and expressed mathematically without considering the properties of a particular cyber range platform and programming language, especially for easy replication, modification, and extension. Independently, the profiling model was implemented and subsequently integrated into the Brno University of Technology Cyber Arena (BUTCA) platform to validate the model on learning data from students of grammar schools, technical high schools, and universities. The resulting solution of this thesis brings to the cybersecurity field a new innovative approach to the evaluation of learned and trained users with an emphasis on individual feedback and continuous learning.
|
|
|
Integration of A/D game scenario into the BUTCA platform
Slaný, Radek ; Lieskovan, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
Nowadays we live in world where it is almost impossible to exist without information technologies. Therefore, higher requirements for cyber security arise and with the requirements grows the need for trained professionals. BUTCA is Cyber Range platform which provides, through educational scenarios, students and professionals environment where they can test their theoretical knowledge in practical examples. Current scenarios in BUTCA are focused either on defensive or offensive cyber security skills. This master’s thesis proposes educational scenario that is focused on defensive and offensive security skills at the same time. Scenario is designed for teams competing each other, each team tries to compromise instances of the other team while trying to defend own instances against cyber attacks of other team. Main contribution of this master’s thesis is design and implementation of described scenario which will be easily scalable for teams of different number of players and also that would be easily expandable thanks to usage of its own library of vulnerabilities. Final implementation of the educational scenario was imported into BUTCA platform where the scenario was tested with the assistance of team of professional penetration testers.
|
|
|
Virtual reality cyber gym
Nguyen, Van Phuc ; STODOLA,, Jiří (referee) ; Číka, Petr (advisor)
Diplomová práce představuje návrh a implementaci kybernetické tělocvičny pro virtuální realitu, která integruje imerzivní technologie pro modelování sítě. Na základě teorií z oblasti kybernetické bezpečnosti a sítí, virtuální reality, studie vytváří teoretický rámec. Je uvedena analýza SOTA, která přezkoumává použití VR v oblasti kybernetické bezpečnosti. Metodicky práce využívá Unreal Engine 5 pro vytvoření syntetického 3D prostředí a návrh interaktivních principů objektů ve virtuálním světě. V rámci praktické části práce je podrobně popsána architektura systému, interakce mezi IT komponentami, simulující podmínky reálného světa, přenesené do virtuální reality. Implementace zahrnuje programování platformy s důrazem na problémy a jejich řešení. Výsledky a diskuse analyzují efektivitu simulátorů pro výcvik v kybernetické bezpečnosti, rámovanou stanoveným teoretickým rámcem. V závěru studie jsou uvedena doporučení pro budoucí zlepšení a praktické využití.
|
|
|
Ensuring availability and security in industrial networks
Zatloukal, Zdeněk ; Fujdiak, Radek (referee) ; Holasová, Eva (advisor)
Currently, a key aspect of industrial automation is ensuring a high level of security, reliability, and data availability in industrial communication networks. Given the rising cyber threats, it is essential to develop and implement advanced strategies for protecting industrial infrastructures. This thesis aims to perform a comprehensive analysis and development of security solutions for industrial networks, focusing on the Modbus RTU/TCP and MQTT communication protocols, which are crucial for the effective management of modern industrial operations. The work employs methodological approaches that combine theoretical research with practical experiments. It includes an analysis of existing protocols, the design of communication security through these protocols, and their subsequent testing in a controlled industrial environment to verify security, efficiency, and reliability. The analysis revealed significant deficiencies in the security of existing systems and led to the integration of new security measures into the industrial switchgear, which significantly improved the protection of data and communication infrastructure. The implemented solutions demonstrate significant progress in protecting industrial networks against various types of attacks. This thesis represents a significant contribution to the field of industrial network security. The results of the work provide valuable information for the further development of security technologies in the industry and offer practical guides for engineers and technicians who are working on improving the security status of industrial systems.
|
guest ::
