|
|
Optimization of Classification Models for Malicious Domain Detection
Pouč, Petr ; Jeřábek, Kamil (referee) ; Hranický, Radek (advisor)
Tato diplomová práce se zaměřuje na rozvoj pokročilých metod pro detekci škodlivých doménových jmen s využitím optimalizačních technik v oblasti strojového učení. Práce zkoumá a hodnotí účinnost různých optimalizačních strategií pro klasifikaci. Jako nástroje pro hodnocení jsem vybral klasifikační algoritmy, které se liší v jejich přístupu, včetně hlubokého učení, techniky rozhodovacích stromů, nebo hledání hyperrovin. Tyto metody byly posouzeny na základě schopnosti efektivně klasifikovat doménová jména v závislosti na použitých optimalizačních technikách. Optimalizace zahrnovala vytvoření přesně označených datových sad, aplikaci technik zpracování dat, pokročilou selekci atributů, řešení nerovnováhy tříd a ladění hyperparametrů. Experimentální část práce prokazuje vynikající úspěšnost kombinováním jednotlivých metod. Přičemž nejlepší modely CNN dosahovaly až 0.9926 F1 při současném snížení FPR na hodnotu 0.300%. Přínos práce spočívá v poskytnutí konkrétních metod a strategií pro efektivní detekci škodlivých doménových jmen v oblasti kybernetické bezpečnosti.
|
|
|
Design and implementation a phishing campaign
Kosková, Šárka ; Aleš,, Přibyl (referee) ; Sedlák, Petr (advisor)
The theoretical part defines the basic concepts related to this topic such as information and cyber security, phishing (history and types), spam, social engineering, legal responsibilities and preventive measures of fraudulent behaviour, etc. The practical part deals with the creation of a phishing campaign targeting the employees of a specific company, thanks to which it is possible to assess the overall information security. Once the campaign has been evaluated, an assessment is made as to whether the campaign was effective and what may have influenced its success.
|
|
|
The use of federated learning in the field of security on Android OS
Szüč, Martin ; Myška, Vojtěch (referee) ; Michálek, Jakub (advisor)
This thesis explores the use of federated learning in the context of cybersecurity, specifically in detecting phishing attacks via email on the Android operating system. The~theoretical part of the thesis deals with concepts of federated learning, machine learning, and various phishing techniques. The main goal of the practical part is to design and implement a mobile application that uses federated learning to train machine learning models. This application is designed to detect phishing emails while ensuring that the content of the emails is not sent to a central server, thereby protecting users' sensitive data. The~thesis includes the design of the application architecture, integration of Python modules, processing and classification of emails, and implementation of federated learning. The results of the application testing demonstrate the effectiveness of the proposed solution in detecting phishing attacks while also highlighting the privacy benefits provided by federated learning.
|
|
|
Email client for seniors
Vala, Robin ; Sláčik, Ján (referee) ; Komosný, Dan (advisor)
The bachelor thesis focuses on the design and development of an e-mail client that is adapted to the needs of seniors aged 90 years and older. The main goal was to create a user-friendly interface that minimizes complexity and includes only the necessary features relevant to this target group of people. In addition, audio assistance was integrated into the application, which significantly facilitates navigation in the program environment and improves the overall user experience. As part of the application’s security, a special feature has been implemented to warn users of the potential dangers associated with links leading to fraudulent websites contained in received email messages. This measure helps to protect users from online threats and scams. The complete source code of this thesis is freely available in the Github repository.
|
|
|
Phishing campaign design
Duong, Tuan Hung ; Michal,, TRTIL (referee) ; Ondrák, Viktor (advisor)
The thesis deals with implementing a tool to design and simulate phishing attacks. The first part of the thesis focuses on the history of phishing, phishing strategies, forms of attacks, and an analysis of previous incidents in the real world. Using the open-source phishing framework GoPhish, a phishing e-mail will be created. The design of the phishing e-mail will be based on the analysis of real phishing e-mails.
|
|
|
Web browser for seniors
Nguyen, Tuan Ninh ; Kubánková, Anna (referee) ; Komosný, Dan (advisor)
The thesis deals with the design and implementation of a basic web browser that is adapted for seniors in the age group of 90 years and more. It is one of the applications of the operating system for the elderly, which is used to facilitate the work on the computer. The web browser is developed in Python. It allows text enlargement, web page display, voice assistance and protection against fraudulent sites (phishing). The browser is easy to use. Every event in the browser is logged to an activity record with different levels for security risk assessment. Sending the entered information to the guardian of the elderly person is also implemented in the web browser, which occurs if the senior launches a fraudulent web page. This increases the protection of seniors from fraudulent attacks. The results of this work are published in the GitHub repository.
|
|
|
Centralised web-based personal data management system
Mazur, Kornel ; Kacálek, Jan (referee) ; Malý, Jan (advisor)
This diploma thesis deals with a central user identification and personal data management on the Internet. The first part analyzes questions of a identification process and discusses the requirements for implementation, security and user-friendliness. Subsequently, the process is designed with respect to the defined requirements. A detailed overview of possible attacks to the system and means of protection against them is also included in the thesis. The described methods are as follows: Phishing, Man in the middle, hardware modification and acoustic keypress emissions. A practical design of a identification system is discussed in the second part of the thesis. It consists of two parts: a library implementable to individual Internet services requiring a user identification and a server centrally identificating the users and storing their personal data and passwords. An implementation in Joomla content management system is also described.
|
|
|
Financial transaction security in electronic banking proposal
Valina, Petr ; Oprštěný, Miroslav (referee) ; Kříž, Jiří (advisor)
Bachelor’s thesis analyses electronic banking in the term of utilization, used technologies and with respect to security. It shows comparison of concrete types of electronic banking, which are being used at present. Analysis of possible risk by using electronic banking and solution proposal, which sets up interaction between bank and its client and makes behavior proposal for minimizing of security risks are integral part of this bachelor’s thesis.
|
|
|
Preserving Validity of MS Exchange Headers on Filtering SMTP Proxy-Server
Szabó, Peter ; Židek, Stanislav (referee) ; Richter, Jan (advisor)
The aim of this thesis is the localization and finding an optimal solution for a compatibility issue between two products, the AVG Linux Server Edition SMTP proxy-server and the Microsoft Exchange e-mail server. There are several possible solutions of this issue described and the most effective one is suggested as the final solution. In the first part, this thesis is providing a basic overview of the SMTP protocol and the protocols used in the Microsoft Exchanage server. The most common threats in the e-mail communication are also discussed here and several available solutions of protection against them are presented.
|
|
|
Phishing Detection in Web Pages
Beňo, Marek ; Hrivňák, Ján (referee) ; Holkovič, Martin (advisor)
This work deals with the design of a phishing attack detection and classification tool. The work describes techniques and forms of phishing attacks and availible tools and techniques for phishing detection. Based on the analysis of existing tools a solution for file classification is proposed. Implemented tool handles input parsing and creation of input model. Model is based on hybrid analysis of input file and URL. Using the YARA tool, YARA rules are applied which are then used in creation of input classification. Analysis of input model and definition of classification rules is enabled by implemented YARA module. Implemented solution makes it possible to define YARA rules for phishing classification based on the structural properties of a phishing file and features of source URL.
|
guest ::
