|
|
Tool for generalizing automated SOAR scenarios for cybersecurity knowledge sharing
Ištoňová, Miriam ; Dobiáš, Patrik (referee) ; Safonov, Yehor (advisor)
Today’s era could be defined as quantity, speed and possibilities. Security monitoring centers have responded to the challenge of an unrelenting amount of information with monitoring and categorization tools such as SIEM. However, in case of incidents themselves, the speed and automation of response is offered by an advanced SOAR solution. Like any technology, SOAR offered by different companies also contributes to the variety of individual response scenario structures and formats, bringing the clear challenge of simplification, collaboration and generalization. Therefore, the bachelor thesis focuses on the implementation of a conversion tool, with the goal of unifying and generalizing the format of automated SOAR scenarios using the evolving CACAO playbook standard. The main benefit of the tool is the ability to unify the use of SOAR scenarios, ensure successful conversion and thus facilitate knowledge sharing in the field of cybersecurity. The theoretical part of this thesis focuses on the current issue of security monitoring, explains the importance of automation within incident response and offers a detailed analysis and comparison of available technologies and formats of automated incident response playbooks. The practical part is closely related and depends on the results of the analysis. It focuses on the selection and design of a suitable format for the description of the individual automatic response scenarios as well as the following final implementation of the conversion tool itself.
|
|
|
Extensible Rust Library for the Development of Embedded Sensor Applications on ESP32 Platform
Mikhailov, Kirill ; Tinka, Jan (referee) ; Šimek, Václav (advisor)
Tato práce představuje rozšiřitelnou knihovnu jazyka Rust určenou pro vestavěné senzorové aplikace na platformě ESP32, která řeší potřebu zjednodušeného vývoje reálných vestavěných systémů v prostředí jazyka Rust na této platformě. Významným přínosem této práce je vývoj uživatelsky přívětivého rozhraní pro správu senzorů. Toto rozhraní umožňuje jednoduchou instalaci, aktivaci a monitorování senzorů, což vyhovuje aplikacím, jako jsou inteligentní domy a automatizace, aniž by vyžadovalo hluboké technické znalosti periferií. Architektura knihovny je pečlivě navržena s ohledem na modularitu a rozšiřitelnost a dodržuje zásady bezpečnosti a efektivity Rustu. Projekt je doprovázen rozsáhlou dokumentací a je zveřejněn na platformě GitHub pod open-source licencí Apache, doplněn unit-testy a příklady použití. V závěru práce je zhodnocena funkčnost knihovny a její případná budoucí vylepšení, která ukazují její praktičnost pro vývojáře vestavných systémů.
|
|
| |
|
|
Analysis and design of an effective solution for integration of Web Application Firewall into SOC architecture
Hynek, Vojtěch ; Komosný, Dan (referee) ; Kubánková, Anna (advisor)
The thesis deals with the issue of integration of Web Application Firewall into the environment of Supervisory Security Center. The result of this thesis is an analysis of current integration options along with identification of the most common attacks on web applications. Using the analysis performed, the best suited WAF was selected along with its integration method. Furthermore, the thesis contains a detailed description of the chosen integration and its subsequent testing. Testing of the correctness of the firewall, its stress testing and its effect on the network delay was performed. A part of the thesis also describes the integration of WAF into a real SOC environment. The integration involves connection to log management and traffic monitoring technologies. At the same time, a custom integration with the MISP platform has been developed, which makes it possible to create dynamic rules for the WAF. The integration includes the creation of a custom parser, correlation rules and a test scenario. The last part of the thesis is devoted to the analysis of the impact of the WAF integration on the prevention and detection of cyber threats, which includes an evaluation of the emerging alerts over a period of one month.
|
|
| |
|
|
Asymmetric Multiprocessing on the ARM Cortex-A9
Riša, Michal ; Košař, Vlastimil (referee) ; Korček, Pavol (advisor)
Asymmetric multiprocessing (AMP) is a way of distributing computer system load toheterogeneous hardware and software environment. This thesis describes the principles of the AMP focusing on the ARM Cortex--A9 processor and Altera Cyclone V hardware platform. Development of a OpenAMP framework based AMP system showing communication among the processor cores, documentation and future work suggestion are the products of this thesis.
|
|
|
Demonstration Examples for Pynq Z2 System on Chip Platfrom
Polášek, Patrik ; Mrázek, Vojtěch (referee) ; Kekely, Lukáš (advisor)
The thesis deals with the Pynq Z2 with SoC containing FPGA programmable logic connected to ARM processor. The main goal is to create a set of sample applications that use the peripherals available on the development board and perform critical computations on the FPGA. These applications take the form of a template dividing the functionality into a part communicating with the peripherals and another part implementing the actual computation algorithm. Specific algorithms were chosen from the areas of text search (Knuth-Morris-Pratt algorithm), image filtering (image color change and smoothing convolution mask), audio signal filtering (low pass), and internet packet classification (decision tree). The algorithms can be replaced with custom ones, while the surrounding interface for communication with the periphery is preserved. In addition to the implementation itself, an interactive Jupyter Notebook document is provided for each application with accompanying material to facilitate understanding of the subject matter.
|
|
|
HDR Tone-Mapping Acceleration on Xilinx Zynq Platform
Nosko, Svetozár ; Zemčík, Pavel (referee) ; Musil, Martin (advisor)
This diploma thesis focuses on the High-level synthesis (HLS). The first part deals with theoretical details and methods that are used in HLS tools. This is followed by a description of the synthesis tool Vivado HLS which will be used for implementation of an application. In the second part is briefly introduced high dynamic range images (HDR) and tone mapping. The third part is dedicated to design and implementation of the aplication which implements tone mapping methods in HDR images. This methods are implemented in Vivado HLS and language C++. This application is based on platform Xilinx Zynq and it uses multiexposure camera for capturing HDR images. Images are transmitted to FPGA for tone mapping processing.
|
|
|
Communication on the ADSP-SC58x Chip
Havran, Jan ; Korček, Pavol (referee) ; Viktorin, Jan (advisor)
This projects describes the design of communication between SHARC and ARM cores on ADSP-SC58x platform, concretely between bare-metal and Linux applications on ADSP-SC589 chips. There are outlined several available technologies for data transfer, such as MCAPI, MDMA or shared memory. There are also designed and implemented new communication principes based on current implementations of these technologies.
|
|
|
Universal hardware platform supported Linux operation system
Skopal, Miroslav ; Matěj, Zdeněk (referee) ; Fedra, Zbyněk (advisor)
This thesis deals with the development problems and creating of the multi- purpose hardware platform, which supports operating system Linux. It is focused on the microprocessors using ARM architecture with architecture ARM7, ARM9 and ARM11. The scope of the first part of this thesis was searching the sales of available 32 bit ARM microprocessors. The second part is attended to a particular Mini2440 development kit, its animation and the subsequent development of the kernel drivers for OS Linux platform. One of this thesis details was also the development of my own expansive hardware module and a capacity keypad for a usage with Mini2440 developmental kit.
|
guest ::
