|
|
A Web Presentation of JShelter Project
Krčma, Jan ; Polčák, Libor (referee) ; Bednář, Martin (advisor)
This thesis deals with creating user-friendly web presentation of the project JShelter, in which its advantages in terms of the safety of its users when navigating the World Wide Web are highlighted, so that their anonymity and at the same time the functionality of the visited sites are sufficiently preserved. Above all, the result provided by the JShelter browser extension against tracking the user based on the deviation of his internal clock and also the confirmation of the same-origin policy protection will be shown.
|
|
|
Porting of Chrome Zero Functionality to JavaScript Restrictor
Horňák, Peter ; Večeřa, Vojtěch (referee) ; Polčák, Libor (advisor)
This thesis deals with improvements of security and privacy protection of web browser users by enhancing functionality of web browser extension called JavaScript Restrictor, which prototype was created in order to protect users on web. Within this thesis are analyzed security measures realized by tool Chrome Zero, which implements measures against microarchitectural attacks, attacks abusing high resolution timers and abuse of JavaScript engine. Thesis evaulates topicality of measures and integrates selected into JavaScript Restrictor. Measures are tested and evaluated from every day use point of view.
|
|
|
Web Browser Extension Providing Protection of Company Data
Dvořák, Jan ; Bednář, Martin (referee) ; Polčák, Libor (advisor)
This thesis focuses on securing company data stored in SaaS storage. In contrast to data stored on-premise, data stored in the cloud face several additional risks, be it from the outside as well as from the inside of the organization. The main risk, whose impacts we try to mitigate in this work, is an accidental data leak by one of the organization's employees. An extension for the Google Chrome web browser was designed and implemented as a solution to this issue. Implementation complications rising from transitioning to a new version of the manifest are also examined in part of this work. The thesis is concluded with the execution of experiments simulating practical data loss scenarios and a verdict on whether a web extension is an appropriate means for creating a tool providing data loss prevention capabilities.
|
|
|
Deepfake Detection Framework
Bernard, Jan ; Perešíni, Martin (referee) ; Malinka, Kamil (advisor)
Tvorba deepfake se za poslední dobu velmi zlepšila a tudíž je obávanou hroznou pro společnost. Detekční metody odhalující deepfake také reagovali rozvojem, ale stále není široké veřejnosti dostupné dostatečné množství kvalitních nástrojů. Tato práce se zaměřuje na vytvoření frameworku na detekci deepfake, který bude jednoduše rozšiřitlený dalšími detekčními metodami v budounu a přitom jednoduchý a dostupný široké veřejnosti.
|
|
|
JavaScript Code Normalization During Detection of Vulnerabilities
Havlíček, Lukáš ; Dolejška, Daniel (referee) ; Polčák, Libor (advisor)
This thesis deals with the minification, obfuscation of JavaScript and normalization of abstract syntactic trees for browser extensions implemented in Mr. Randýsek’s thesis. The tools and techniques of both JavaScript minification and obfuscation have been studied. This information was used in the design and implementation of abstract syntactic tree normalization. The trees are used in a Chrome browser extension that detects and corrects JavaScript code. I tested the normalizations with unit and integration tests. I also tested the vulnerability detection extension, where I detected 125 vulnerabilities on 1000 websites.
|
|
|
Web Browser Extension Providing Protection of Company Data
Dvořák, Jan ; Bednář, Martin (referee) ; Polčák, Libor (advisor)
This thesis focuses on securing company data stored in SaaS storage. In contrast to data stored on-premise, data stored in the cloud face several additional risks, be it from the outside as well as from the inside of the organization. The main risk, whose impacts we try to mitigate in this work, is an accidental data leak by one of the organization's employees. An extension for the Google Chrome web browser was designed and implemented as a solution to this issue. Implementation complications rising from transitioning to a new version of the manifest are also examined in part of this work. The thesis is concluded with the execution of experiments simulating practical data loss scenarios and a verdict on whether a web extension is an appropriate means for creating a tool providing data loss prevention capabilities.
|
|
|
A Web Presentation of JShelter Project
Krčma, Jan ; Polčák, Libor (referee) ; Bednář, Martin (advisor)
This thesis deals with creating user-friendly web presentation of the project JShelter, in which its advantages in terms of the safety of its users when navigating the World Wide Web are highlighted, so that their anonymity and at the same time the functionality of the visited sites are sufficiently preserved. Above all, the result provided by the JShelter browser extension against tracking the user based on the deviation of his internal clock and also the confirmation of the same-origin policy protection will be shown.
|
|
|
Porting of Chrome Zero Functionality to JavaScript Restrictor
Horňák, Peter ; Večeřa, Vojtěch (referee) ; Polčák, Libor (advisor)
This thesis deals with improvements of security and privacy protection of web browser users by enhancing functionality of web browser extension called JavaScript Restrictor, which prototype was created in order to protect users on web. Within this thesis are analyzed security measures realized by tool Chrome Zero, which implements measures against microarchitectural attacks, attacks abusing high resolution timers and abuse of JavaScript engine. Thesis evaulates topicality of measures and integrates selected into JavaScript Restrictor. Measures are tested and evaluated from every day use point of view.
|
|
|
Web Data Extraction
Novella, Tomáš ; Holubová, Irena (advisor) ; Polák, Marek (referee)
Creation of web wrappers (i.e programs that extract data from the web) is a subject of study in the field of web data extraction. Designing a domain-specific language for a web wrapper is a challenging task, because it introduces trade-offs between expressiveness of a wrapper's language and safety. In addition, little attention has been paid to execution of a wrapper in restricted environment. In this thesis, we present a new wrapping language -- Serrano -- that has three goals in mind. (1) Ability to run in restricted environment, such as a browser extension, (2) extensibility, to balance the tradeoffs between expressiveness of a command set and safety, and (3) processing capabilities, to eliminate the need for additional programs to clean the extracted data. Serrano has been successfully deployed in a number of projects and provided encouraging results. Powered by TCPDF (www.tcpdf.org)
|
guest ::
