|
|
Attendance terminal
Antoš, Jan ; Petyovský, Petr (referee) ; Macho, Tomáš (advisor)
This master thesis aims to get acquainted with the issue of terminals and to list the parameters of attendance terminals available on the market. To define the customer requirements for the operation of the attendance terminal with touch screen and RFID reader. Specify the communication of the terminal with the parent server. Design the concept of the attendance terminal, select the appropriate components for the implementation of the terminal and draw the block diagram. Design the structural layout of the terminal. Implement the terminal, revive it and then debug the necessary software.
|
|
|
Advanced tool for generating modern Slow DoS attacks
Hrůza, Tomáš ; Člupek, Vlastimil (referee) ; Sikora, Marek (advisor)
In today’s world, cyber threats are becoming increasingly sophisticated. Those threats include SDoS (Slow Denial of Service) and SDDoS (Slow Distributed Denial of Service) attacks, which employ advanced methods to disrupt normal service operations. These attacks are particularly difficult to detect and are effective because they simulate the behavior of legitimate users with slow internet connections. The topic of SDoS attacks is relatively new and not thoroughly documented. To respond to potentially newly devel- oped attacks, it is necessary to understand the principles of currently known attacks and have the practical capability to create them in order to develop effective countermeasures in the future. This thesis focuses on the development of an advanced tool for generating modern SDoS attacks. The main contribution of this work is the enhancement of the generator to create distributed attacks, the creation of an intuitive interface, and more options for monitoring the progress of individual attacks. The theoretical part introduces the topic of internet connection establishment and explains the properties of TCP and IP protocols in detail. It then clarifies the theory of secure communication over the internet using the HTTPS protocol and provides a comparison of currently used web servers. The final theoretical section addresses the topic of denial of service, discussing some types of currently known SDoS attacks, the tools that generate these attacks, and their shortcomings. Next chapter details the implementation of functionalities, which includes performance enhancements of the tool through the use of multiple processes. The developed tool features Slow Read, Slow Next, and Slow Drop attacks, as well as the ability to combine these attacks. This is followed by a description of how a local network of virtual machines was created for the purpose of testing the implemented tool. The final chapter presents the results and effectiveness of the tool in conducting SDDoS attacks against Apache and NGINX web servers in a local network.
|
|
|
Ensuring availability and security in industrial networks
Zatloukal, Zdeněk ; Fujdiak, Radek (referee) ; Holasová, Eva (advisor)
Currently, a key aspect of industrial automation is ensuring a high level of security, reliability, and data availability in industrial communication networks. Given the rising cyber threats, it is essential to develop and implement advanced strategies for protecting industrial infrastructures. This thesis aims to perform a comprehensive analysis and development of security solutions for industrial networks, focusing on the Modbus RTU/TCP and MQTT communication protocols, which are crucial for the effective management of modern industrial operations. The work employs methodological approaches that combine theoretical research with practical experiments. It includes an analysis of existing protocols, the design of communication security through these protocols, and their subsequent testing in a controlled industrial environment to verify security, efficiency, and reliability. The analysis revealed significant deficiencies in the security of existing systems and led to the integration of new security measures into the industrial switchgear, which significantly improved the protection of data and communication infrastructure. The implemented solutions demonstrate significant progress in protecting industrial networks against various types of attacks. This thesis represents a significant contribution to the field of industrial network security. The results of the work provide valuable information for the further development of security technologies in the industry and offer practical guides for engineers and technicians who are working on improving the security status of industrial systems.
|
|
| |
|
|
Quantum and Post-quantum Cryptography
Krivulčík, Andrej ; Ricci, Sara (referee) ; Hajný, Jan (advisor)
S pokrokom v rozvoji kvantových počítačov prichádza hrozba prelomenia algoritmov ktoré sa používajú pri bežnej komunikácii. S týmto vzniklo odvetvie pre post-kvantovú kryptografiu ktoré vyvíja algoritmy odolné voči kvantovým počítačom. Cieľom tejto diplomovej práce naštudovanie metód pre kombináciu a využitie kľúčov ustanovených pomocou kvantových a post-kvantových algoritmov takým spôsobom, keby pri došlo k prelomeniu jedného z daných algoritmov tak výsledný hybridný klúč bude stále bezpečný. Výsledný klúč je následne využitý pri šifrovaní súboru pomocou AES--256 ktorý je zaslaný medzi klientami.
|
|
|
Automation of MitM Attack on WiFi Networks
Vondráček, Martin ; Lichtner, Ondrej (referee) ; Pluskal, Jan (advisor)
Tato bakalářská práce se zaměřuje na výzkum v oblasti bezpečnosti bezdrátových sítí. Práce přináší studii široce využívaných síťových technologií a principů zajištění bezpečnosti bezdrátových sítí. Analyzované technologie a způsoby zabezpečení trpí slabinami, které mohou být zneužity k provedení útoku MitM . Práce zahrnuje přehled dostupných nástrojů zaměřených na využití jednotlivých slabin. Výsledkem této práce je balíček wifimitm a CLI nástroj, oba implementované v jazyce Python. Balíček poskytuje funkcionalitu pro automatizovaný útok MitM a může být použit jako součást dalšího software. Nástroj wifimitmcli je schopen úspěšného provedení plně automatizovaného útoku bez jakéhokoli zásahu útočící osoby. Tento výzkum nachází využití v oblasti automatizovaných penetračních testů a forenzního vyšetřování.
|
|
|
Camera Recording Management System
Šulc, Ondřej ; Rychlý, Marek (referee) ; Očenášek, Pavel (advisor)
The aim of this bachelor thesis is to create a network security system focusing on compatibility with the widest possible group of IP cameras from various manufacturers and support for remote access to records even from places outside the local network. This problem is solved using two closely cooperating applications. The first application runs on a device in the local network (in our case miniPC Raspberry Pi). The application creates the records by receiving and storing RTSP transmissions from individual cameras. It then modifies these records into a form usable for display on websites and sends the second application from which the user can access them. This application is referred to in the text as agent or agent application. The second application has a web user interface and serves the end user as a tool to manage agents, IP cameras and captured records. By principle of the application, it is important for it to be accessible on a publicly available domain. This application is referred to in the text as web or web application. The use of this architecture does not violate any of the network communication standards, which include, in particular, the initialization of communication from the network behind the NAT service.
|
|
|
Management and Monitoring System for Computer Lab
Kudláček, Marek ; Zeman, Kryštof (referee) ; Mašek, Pavel (advisor)
This master's thesis deals with a system for PC mass management and monitoring. There is a brief description of Puppet, Chef and Ansible, which are tools enabling this functionality. The overall system issues are solved by Ansible. This thesis also includes a script created for a classroom’s remote management according to a beforehand fixed assignment. The system enables remote installation and configuration of applications, creation of users, editing the files, update of the system and many more. A web application was created for this system. Through this application, the system can be controlled via web browser, both from local and public network. Practical examples of the issue dealt with is also part of the thesis.
|
|
|
Web Information System and its Security Principles
Nehasil, Filip ; Rychlý, Marek (referee) ; Očenášek, Pavel (advisor)
The main topic of the thesis is problem of the security of the web application. Spheres that are likely to be vulnerable are thoroughly examined and ways of protecting the application in the area of access control, data transfer, user input, output and state keeping are suggested. Furthermore, with regard to the security, possible solutions of audit, backing up, web server security, database design and protection against spam robots are described. This project is also concerned with the analysis of requirements, detailed design and implementation of the club information system with demonstration of mentioned security solutions. The systems of members' evidence, evidence of breeding dogs and their pedigrees, publication of actions and results and the content management system of other sections of the web presentation are among others implemented within the scope of this IS. All the implementation solutions are based on HTML, CSS, JavaScript, PHP and MySQL technologies.
|
|
|
Facebook Social Network Datamining and Reconstruction of Captured Communication
Bruckner, Tomáš ; Kmeť, Martin (referee) ; Pluskal, Jan (advisor)
This thesis deals with social network Facebook from perspective of computer forensic science with focus on obtaining sensitive information about tracked users. Its main goal is implementation of the tools for reconstruction of captured communication and Facebook data mining. Core of this application has been implemented in framework for processing of captured communication Netfox.Framework, which is being developed by Faculty of Information Technology, Brno University of Technology. Man-in-the-Middle attack has been used for capturing of decipherable communication. Selenium WebDriver has been used as a tool for data mining. Developed solution is able to reconstruct Facebook conversations between users, addition of new statuses and comments, and interception of sent files. Data mining module is able to obtain public information about tracked users, especially places they recently visited, past and upcoming events, public user details, albums and photos, friendlists and mutual friends with other users. As part of the bachelor thesis, data analysis, implementation of the application, validity testing and benchmark analysis have been performed.
|
guest ::
