|
|
Blockchain in National Security
Pavliv, Katerina ; Střítecký, Vít (advisor) ; Špelda, Petr (referee)
The given work is dedicated to the provision of the evaluation on the effectiveness of Blockchain if applied within national security. The research is done through the summative evaluation approach, which allows to estimate the studied phenomenon in one realm in terms of its level of usefulness and transfer the findings to the framework of the thesis on the basis of the main methodological hypothesis. The research comprises the analysis and evaluation of the Blockchain environment, levels of operation, existing normative clash, the componential issues of the latter, provision of the final perspectives of the potential incorporation of the Blockchain technologies into national security with the discussion on the possible application, benefits of the platform, its social and technical vulnerabilities, and limitations.
|
|
|
Security exercises for ethical hacking
Paučo, Daniel ; Lieskovan, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
This master thesis deals with penetration testing and ethical hacking. Regarding to the layout of the thesis there was prepared appropiate enviroment to realize Red/Blue team exercise, where Red team is in a role of the attacker and Blue team is in a role of defender of the network infrastructure. Whole infrastructure is implemented in a cloud virtual enviroment of VMware vSphere. Second part of the thesis consists of preparation and creation of the exercise to test web application security. Third part of the thesis is dedicating to the automatization of redteaming. Main focus of this master thesis is to demonstrate different attack vectors how to attack the network infrastructure and web applications and use of the defense mechanisms to avoid this kinds of attacks.
|
|
|
Ensuring security of online payment services
Havlíková, Nikola ; Kotáb, Petr (advisor) ; Kohajda, Michael (referee)
Ensuring security of online payment services Abstract The thesis is devoted to the topic of ensuring security of online payment services, especially in the context of identification and authentication of the client in the Internet when performing acts related to the provision of payment services. The issue of the customer identity is described especially in the context of know your customer principle governed by legal regulation in the area of combating money laundering and financing of terrorism, and in the context of the obligation to carry out a strong customer authentication (SCA) brought by the PSD2 directive and related RTS. The aim of the thesis is to describe and critically evaluate the legislation in the area of ensuring security of online payment services, meaning the binding legislation, soft law and rules created by entities operating on the payment services market. In this context, the thesis also deals with the question of proportionality of legislation in connection to the positive user experience and the possibility of implementing innovative FinTech solutions. The thesis is divided into four chapters, supplemented by introduction to the respective subject matter and conclusion summarizing the observations made in the thesis. The first chapter is devoted to the general definition of the...
|
|
|
DYNAMIC BIOMETRIC SIGNATURE AS AN EFFICIENT TOOL FOR INTERNAL CORPORATE COMMUNICATION
Hortai, František ; Jašek, Roman (referee) ; Dočkal, Jaroslav (referee) ; Dostál, Petr (referee) ; Smejkal, Vladimír (advisor)
The aim of this thesis is to provide comprehensive information on the possibilities of authentication, combination of authentication factors and the integration of this issue into corporate communication. The work focuses on this issue and specifies the possibilities for obtaining authentication information, analyses the authentication methods, identification and authorization. It examines the applicability of biometric technologies, the principle of their functionality, examples of their use, their impact, the advantages and disadvantages they bring. A natural, easy-to-use, convenient tool for effective and secure communication is authentication including the dynamic biometric signature. The issues of the dynamic biometric signature technology and its implementation are examined from a comprehensive perspective involving experiments. The research proved that the dynamic biometric signature can serve as a method for supporting secure corporate communication and reduce authentication risks in companies and for individuals.
|
|
| |
|
|
Analysis of the GlobeImposter ransomware
Procházka, Ivo ; Komosný, Dan (referee) ; Martinásek, Zdeněk (advisor)
The aim of this diploma thesis is to analyze an instance of the GlobeImposter ransomware extracted from an affected device. The first part outlines various types of malware and ransomware and includes a description of encryption mechanisms and key distribution systems. It also discusses possible approaches of static and dynamic analysis of malware samples and requirements for test environments. The practical part describes the source of the malware sample, the physical and virtual test environment and the results of the static and dynamic analysis of the GlobeImposter ransomware. The final part discusses the results and the possibility of implementing a decryptor for the analyzed GlobeImposter ransomware.
|
|
|
Between Defence and Offence: An Analysis Of The US "Cyber Strategic Culture"
Persoglia, Davide ; Střítecký, Vít (advisor) ; Karásek, Tomáš (referee)
The present thesis deals with the US strategic approach and posture to cybersecurity from a national point of view. On such a topic much has been written already, nonetheless the present work finds a degree of originality by tackling such object of analysis shifting the focus to a ideational perspective. By drawing insights from the meta-theory of Constructivism and the rich research tradition on strategic culture, the present thesis aims at understanding what kind of norms seem to be informing/mirroring what has been labelled the US "cyber strategic culture", and if it is possible to speak of a "shift", or at least track an evolution regarding them, in a historical timeframe that runs from the early 2000s up to the present days. To pursue the stated research agenda, a methodology grounded in discourse and thematic analysis is utilised, with an analytical framework centred around two opposite "thematic normative categories" (themes) called "defensiveness" and "offensiveness", each characterised by a "story" made up by three sub-themes, delineating specific strategic behaviours. A set of official strategies, all tackling cybersecurity and published during the mentioned timeframe by both the White House and the military, form the primary sources to which such methodology is applied, with particular...
|
|
|
NATO and Offensive Cybersecurity: A Strategic Analysis
Lopes Carvalho Viana, André ; Střítecký, Vít (advisor) ; Csernatoni, Raluca (referee)
This thesis presents a strategic analysis on the possibility of use of offensive cyber capabilities by NATO in its defensive efforts. There is a vast array of academic literature regarding the strategic value of the use of offensive capabilities in cybersecurity, and NATO's cyber posture, however, there is little available regarding the relationship between both. Through the use of tools borrowed from Strategic Studies, this thesis attempts to determine whether it is possible to formulate valid cybersecurity strategies for the use of offensive cyber capabilities from the combination of known academic concepts with current NATO capabilities. The thesis also analyzes the possible implications of using such strategies as well as the underlying causes of their potential success or failure. Viana, André Lopes C. NATO and Offensive Cybersecurity: A Strategic Analysis, [number of pages]p. Master Thesis. Charles University, Faculty of Social Sciences, Institute of Political Studies. Supervisor PhDr. Vít Střítecký, M.Phil., Ph.D.
|
|
|
Strategy for the development of education in the field of ICT security at universities
Sulanová, Monika ; Doucek, Petr (advisor) ; Korber, Karel (referee)
The thesis deals with the problems of education in ICT security experts at universities in order to design a strategy for the development of education in present degree courses that dealing with this issue. The theoretical part focuses on the definition of ICT security and to familiarize the reader with the basic concepts of information security management and management of cyber security and gives an overview of the overall development of ICT security and the current trends in this area. It also describes the current situation on the labor market in relation to ICT security and the education of professionals in this field and characterizes the existing recommendations for education in ICT security. Practical part focuses on analyzing the current education ic ICT security and on analyzing the knowledge and skills requirements of the labor market to professionals in this area. Defines the basic professional role and knowledge domains that should be covered by this role. In the analytical part they are evaluated current profiles of graduates Master's degree programs focused on this area in order to find gaps in the knowledge base of graduates based on the requirements of the labor market and the existing recommendations. The results of the analysis are input to define a strategy on education in ICT security, which gives basic recommendations on how to eliminate the shortcomings.
|
|
|
Assessment of cyber risk in the banking industry
Spišiak, Michal ; Teplý, Petr (advisor) ; Maršál, Aleš (referee)
There has never been more need to discuss cybersecurity related issues. We live in a world where criminals do not have to physically visit a bank to steal money from it, where elections results can be influenced by data breached from personal email accounts, where to win a war a country needs skilled cybersecurity specialists rather than powerful weapons and where patients do not get recommended treatment because a hospital is under a cyberattack. The financial industry as a backbone of any modern economy requires adequate protection against cybercrime. We discuss major cyber threats for financial institutions as well as possible protection methods. After that we introduce Basel II Framework for operational risk assessment and we evaluate data breach risk in an empirical analysis. 1
|
guest ::
