|
|
Cyber Escape Room
Kubík, Hynek ; Burda, Karel (referee) ; Fujdiak, Radek (advisor)
This thesis explores the synergetic potential of escape games and cybersecurity education. It begins with an overview of the principles of cyber security and their importance, followed by a detailed analysis of the typologies of escape games and current trends both in the Czech Republic and internationally. Different educational frameworks and models in cybersecurity are explored, along with an analysis of tools such as Cyber Threat Defender and CyberCIEGE. The study also includes survey analysis and suggests methodologies for creating educational materials and escape games focused on cybersecurity. The findings show the effectiveness of using escape games as a dynamic tool to enhance cybersecurity education.In the practical part, this thesis focuses on designing methodologies and scenarios for escape games along with subsequent testing and optimization of the scenarios
|
|
|
Analysis and design of an effective solution for integration of Web Application Firewall into SOC architecture
Hynek, Vojtěch ; Komosný, Dan (referee) ; Kubánková, Anna (advisor)
The thesis deals with the issue of integration of Web Application Firewall into the environment of Supervisory Security Center. The result of this thesis is an analysis of current integration options along with identification of the most common attacks on web applications. Using the analysis performed, the best suited WAF was selected along with its integration method. Furthermore, the thesis contains a detailed description of the chosen integration and its subsequent testing. Testing of the correctness of the firewall, its stress testing and its effect on the network delay was performed. A part of the thesis also describes the integration of WAF into a real SOC environment. The integration involves connection to log management and traffic monitoring technologies. At the same time, a custom integration with the MISP platform has been developed, which makes it possible to create dynamic rules for the WAF. The integration includes the creation of a custom parser, correlation rules and a test scenario. The last part of the thesis is devoted to the analysis of the impact of the WAF integration on the prevention and detection of cyber threats, which includes an evaluation of the emerging alerts over a period of one month.
|
|
|
Building security awareness at the Faculty of Business and Management
Volfová, Jana ; Ondrák, Viktor (referee) ; Sedlák, Petr (advisor)
This diploma thesis is focused on Security Awareness Education at the Faculty of Business and Management. It consists of three main parts: theoretical, analytical and practical considerations. The theoretical part is the introduction to basic terms, processes and analysis to help understand the thesis. The analytical part includes an introduction to the chosen organization and the implementation of analysis, which were presented in the theoretical part. The practical part contains, among other things, the actual proposals for Security Awareness Education at the faculty and its benefits.
|
|
|
The Design of the Maturity Model for Measuring Effectivity of the SIEM System in the Organisation
Kosková, Zdeňka ; Lukáš,, KUBÍK (referee) ; Ondrák, Viktor (advisor)
The bachelor‘s thesis addresses the issue of evaluating the effectiveness of the SIEM system in an industrial environment. The goal was to propose a methodology that uses a MITRE ATT&CK matrix for ICS for evaluation. The thesis first analyses existing solutions and their potential applications, followed by a description of monitoring evaluation in an energy company, which together with the matrix form the basis of the proposed solution. The main output of the thesis is a proposal for quantitative evaluation of individual techniques of the matrix, such as graphical interpretation and the possibility to share results securely with other CERT teams.
|
|
|
Industry 4.0 in according Design and Application of Production Machines
Serykh, Pavel ; Szabari, Mikuláš (referee) ; Knoflíček, Radek (advisor)
This Bachelor thesis is focused on the theme of CNC manufacturing machines and their use in accordance with the principles of Industry 4.0. The first part is a search of the current state in the field of the most frequently used CNC production machines in engineering according to their design and application. In the second part described principles, basic attributes and key technologies of Industry 4.0, defined concept. The last part is on top of the project conceptual workplace with CNC manufacturing machines in the premises of the technical high school VUTBR in accordance with the principles and tenets of Industry 4.0 and the evaluation of the results achieved.
|
|
| |
|
|
Capturing cyber-threats of industrial systems
Dobrík, Andrej ; Pospíšil, Ondřej (referee) ; Fujdiak, Radek (advisor)
S vedomím že kybernetické útoky stoja korporácie každoročne miliardy, počínajúc neoprávnenými útokmi, distribuovanými útokmi odmietnutia služieb (DDOS) až po vírusy a počítačové červy atď., prichádza problém s nástrojmi, ktoré majú k dispozícii správcovia systému. Táto diplomová práca sa venuje skúmaniu jedného z takýchto nástrojov, Honeypot. Presnejšie, Honeypot zariadeniam pre priemyselné riadiace systémy. Od historicky počiatočných implementácií takýchto systémov, cez analýzu súčasných riešení až po vytvorenie nového riešenia Honeypot, s vysokou mierou interakcie a následným nasadením na nový virtuálny súkromný server, po ktorom nasleduje analýza narušení, ktoré sa vyskytnú počas obdobia nasadenia.
|
|
|
Conversion between Formats for Sharing of Network Security Alerts
Eis, Pavel ; Wrona, Jan (referee) ; Žádník, Martin (advisor)
There are many platforms and systems designed for sharing cyber security incidents and events, which often use different security formats. This way it gets harder or even not possible to share security incidents and events between organizations, which are using these platforms. Solution of this problem may be creation of converters, which are capable of converting used security formats between each other. This work solves conversion between security formats IDEA, MISP and STIX. In the process of conversion, it is important to care about conversion flow, to prevent information loss or different category of event assignment, than which it was originally represented by. If the conversion is accurate enough, it can be easier achieved more precise and broader analysis of cyber security incidents.
|
|
|
Statistical output of security audits
Hrubešová, Gabriela ; Vlastimil,, Svoboda (referee) ; Sedlák, Petr (advisor)
The subject of this diploma thesis is a statistical analysis of security audits. The theoretical part describes key terms in the field of cyber and information security, basic background for this area and important regulations. The next part focuses on the description of security audit, its course, necessary conditions and content. The last part is devoted to statistical analysis of obtained samples. We analyse samples from several points of view, compare and look for features and information that could be helpful to the auditor’s assessment.
|
|
|
Draft Recovery Plan for the infrastructure of the Faculty of Business and Management
Srnec, Jan ; Kubek, Ján (referee) ; Sedlák, Petr (advisor)
This diploma thesis deals with the proposal of a “Disaster Recovery Plan” for the Informatics department at BUT’s Faculty of Business and Management. The first part consists of theoretical basis of crucial parts of disaster recovery plan, which is the very foundation for the proposal itself. The second part follows up with a description of the server room of the Informatics department, in particular its IT equipment. The third part deals with the very disaster recovery plan proposal which will function as a school code regulation and a foundation for a Business Continuity Management System document.
|
guest ::
