|
|
Psychological principles in techniques of social engineering
Pohorelec, Pavel ; Sigmund, Tomáš (advisor) ; Kašparová, Eva (referee)
Social engineering is type of attack, usable against an organization or individual. It focuses on weaknesses of human factor. In recent times, characterized by anonymity, fast pace and focus on technologies presents this way of attack a dangerous threat. Human factor tends to be underestimated in defense, into which organizations invest large amounts of money. Even though social engineering has been written about many times, most of work has been focused more on technical part, and explaining techniques of social engineering has been left out. The goal of this paper is explaining these techniques from psychological point of view, and using that as a basis for defense for organizations, threaten by social engineering attack. In first part, this work describes two main themes -- social engineering and social psychology. Afterwards, it describes principles, which are used in social engineering attack, and ways in which social engineering uses them. In second part are these information used to analyze several practical examples of social engineering attack. Then, they are used to formulate practical advices to defend against social engineering attack.
|
|
|
Phishing and the human factor
Kalinová, Diana ; Sigmund, Tomáš (advisor) ; Pavlíček, Luboš (referee)
The main aim of the diploma thesis is to underline the importance of human factor for the success of phishing attacks and to identify the reasons, why the Czech and Slovak users are vulnerable to phishing. The thesis focuses on the user as the weakest part in the system which phishers exploit. Social and technical tricks that are cheating users are in the second chapter. The third chapter focuses on social engineering and sociological methods of attack. The fourth chapter is devoted to the delivery of phishing and fifth chapter explores the various types of phishing attacks. The sixth chapter presents the reasons for the operation of phishing, the aspects of credibility and authenticity of e-mails and web sites, that users follow and the implications of using the context in phishing. The victims of phishing have specific reactions which are mentioned in the seventh chapter. The eighth chapter explores the various measures against phishing, not just technology. Mentioned eight chapters present a theoretical basis for the following chapters of the diploma thesis. In the ninth chapter is performed analysis of the global situation of phishing. Through analysis are identified current and historical trends in phishing. Finally, the chapter shows the implications for the user. The tenth chapter is devoted to the phishing attacks in the Czech and Slovak Republic which are interesting in terms of the importance of human factor. We determine whether users are able to defend attacks only with their carefulness, mindfulness and awareness of phishing. Within the last chapter is taken empirical research through the questionnaire survey. The research verifies the awareness of the Czech and Slovak users about phishing, their personal experiences with phishing, their security habits and the aspects of credibility and authenticity that they consider in emails and websites. Based on all findings are drawn conclusions and recommendations.
|
|
|
Human factor in IS/ICT security
Reich, Jan ; Doucek, Petr (advisor) ; Veber, Jaromír (referee)
As the sheer volume of data stored in various information systems grows, importance of its security becomes a key concern. Great resources are being spent on security technologies protecting from external attacks, while the threat posed by people within the organization remains largely unadressed. The aim of the author of this thesis is to raise awareness of this internal threat and to provide recommendations whose implementation could help mitigate the problem.
|
|
|
Analysis of System of Development and Training of Employees in USS Košice, s.r.o .
Lesňák, Martin ; Campbell, Jan (advisor) ; Rohlíková, Petra (referee)
The bachelor thesis is aimed to describe the system of development and education of employees in the company U.S.Steel, s. r. o., its weaknesses and to propose system rationalization and optimalization. The bachelor thesis is divided into two chapters -- theoretical and practical one. The theoretical part provides a complex insight onto various approaches for the human factor to be developed. The practical part provides quantitative and qualitative insight. All facts and data were acquired by interviews and discussions with the employees as well as by going through company' s documents and data.The outcomes of the analysis are listed in the analytical part along with proposals to be applied to the system of development and education within the company.
|
|
|
Security of information society regard to a human factor
Němec, Petr ; Sigmund, Tomáš (advisor) ; Toman, Prokop (referee)
Bachelor thesis deals with safety of information society where one of the roles is played by human factor and its weaknesses are being tried to exploit by attackers, whose especially used methods of social engineering. Internet holds many dangers and number of targeted attacks on attractive targets rise as well. A new field for these attacks have become a social networks that connect the virtual and the real world. On one side there are users telling everything about their privacy, so high sensitive information that are welcomed source for the fictional identity of attackers. Sharing of these information is closely linked to the netiquette where one of the atributes is intellectual property information. This is an issue I dealt with in the penultimate chapter where I processed the results of the questionnaire. On the basis of the questionnaire I tried to underlay my previous claims in my bachelor thesis.
|
|
|
Synanthropic flora of villages on altitudinal gradient in southern part of the Czech Republic
JENČOVÁ, Dana
The study is a floristic survey of 131 villages in southern part of South Bohemia. In total 27.773 floristic records were collected with occurence of 585 taxa of wild vascular plants recorded, 548 taxa were further used in statistical analyses. Environmental factors with potencial effect on village flora composition and diversity were recorded along or extracted from various sources. Relations of diversity (number of species) and environmental factors were studied. Species composition was compared with these variables using multivariate statistical methods.
|
|
|
Human factor in IS/ICT
Skalický, Michal ; Klas, Jan (advisor) ; Matoušek, Josef (referee)
In todays world which is full of various technologies and we demand for sophisticated equipment, we often forget who is going to use the equipment. It is a person, the strongest part between all systems, and not only computing systems. But this person is simultaneously the weakness part of the system. This rule is often overtrumped by amount of technical literatures about security, which tries to push aside the core problem -- human factor. That is why we should constantly warn about human factor problems in the environment of information technology.
|
|
|
Faktory úspěšnosti neziskových organizací
Sladká, Alena ; Vávrová, Hana (advisor) ; Boukal, Petr (referee)
Cílem této práce je vytyčení oblastí, které jsou zásadní pro efektivní fungování neziskové organizace, resp. pro úspěšné naplňování poslání neziskové organizace. Zkoumanými oblastmi se staly faktory ovlivňující činnost občanského sdružení Poradna pro uprchlíky. V závěru práce docházím k názoru, že nejdůležitějším ze zkoumaných faktorů je faktor lidský a zejména potřeba profesionálních a vzdělaných pracovníků.
|
|
|
Potential and Limitations of Certain Public Information Systems from the Human Factors's Point of View
Halamíček, Jan ; Sigmund, Tomáš (advisor) ; Toman, Prokop (referee)
The work's aim is to specify the differences in the approach of humans in the role of users to the electronic information systems and the natural systems, which work on an interpersonal interaction and information exchange. The hypothesis about those differences is being verified on a group of qualitatively various web information systems using an evaluation of the human interaction with them, with an example of satisfying a common information need. The results of this interaction are a source of experience for designing electronic information systems in general.
|
|
|
Člověk jako klíčový prvek bezpečnosti IS
Grznár, Tomáš ; Doucek, Petr (advisor) ; Novák, Luděk (referee)
Práce se zabývá pozicí lidí v bezpečnosti informačních systémů. První část se zaměřuje na běžné uživatele a přináší rozbor toho, jaké nejčastější nebezpečí jim hrozí. Velká část je věnována představení nejčastějších typů hackerských útoků jako phishingu, sociotechnice a nebo malwaru. Čtenáři jsou pak prezentovány možné opatření, které je možné udělat, aby se dopady hackerských útoků snížily. Druhá část práce pak přináší manažerský pohled na bezpečnost lidských zdrojů. V práci jsou ukázány styčné plochy a možnosti řízení této oblasti z pohledu ITIL Security Managementu, ČSN ISO/IEC 13335 a ČSN ISO/IEC 27001. Výsledkem je pak souhrn doporučení, které může management společnosti v oblasti bezpečnosti lidských zdrojů přijmout. Opatření jsou koncipována tak, aby je bylo možné přijmout bez ohledu na to, jaká norma a nebo standard se používá k řízení bezpečnosti v podniku.
|
guest ::
