|
|
Secure Semantically-Based Discovery of Resources in RESTful Architecutre
Koudelka, Jiří ; Burget, Radek (referee) ; Rychlý, Marek (advisor)
This thesis looks into the problematics of secure semantically-based discovery of resources in REST-ful architecture. The subject of this thesis is the implementation and potential extension of the mRDP for secure discovery of resources in REST-ful architecture, including the implementation of a corresponding open-source library compatible with the Android operating system. Another topic of this thesis is the implementation of simple example applications using this library.
|
|
|
Framework for Development of Administration Systems
Čevelíček, Marek ; Rychlý, Marek (referee) ; Bartík, Vladimír (advisor)
Project deals with theoretical part of the process of developing administration systems which are supposed to run on-line. It talks about advantages of frameworks and finds basic principles of designing user interfaces. There are summarized general principles of using interactive components as (X)HTML form elements, JavaScript and AJAX with respect to modern administration systems. Important part of this work describes use of an optimal security mechanisms in language PHP.
|
|
|
Automated Annotation of Network Traffic Based on System Events
Kala, Jan ; Polčák, Libor (referee) ; Žádník, Martin (advisor)
This thesis addresses topic of network flow annotation using web traffic data. Introduces to problematics of network flow monitoring, analysis and classification and also to protocols HTTP and HTTPS. Describes technique of data collection from web browsers and their pairing with traffic flows. Proposes annotation system that is able to annotate web traffic in automated manner. Implementation of the proposed system is also part of this thesis
|
|
|
Database system for optometrician shops
Dlouhý, Lukáš ; Borská, Eva (referee) ; Kříž, Jiří (advisor)
This thesis deals with creating a suitable database system for an specific existing company that manufactures and sells glasses. The thesis focuses on describing the development of the database system in SQL, HTML, PHP and also on the structuring of the database. It aims to create a database system, which will comply with the company's requirements.
|
|
|
Web application for data transfer using TLS protocol
Dzadíková, Slavomíra ; Slavíček, Karel (referee) ; Smékal, David (advisor)
The work deals with web application development, implementation possibilities of web application, secure communication between server part and client part. Protocol HTTPS (Hyper Text Transfer Protocol) and TLS (Transport Layer Protocol) are described in more detail way, also the issue of PKI (Public Key Infrastructure). The work also covers authentication and authorization methods which are used in web applications, and the most common attacks according OWASP TOP 10. Technologies, programming languages and environments, which have been used: Python, Flask, Bootstrap, OpenSSL, Nginx, Nessus, JMeter, Lighthouse.
|
|
|
Android App for Security Monitoring of Communication
Klepáčková, Karolína ; Dobeš, Petr (referee) ; Herout, Adam (advisor)
This diploma thesis is focused on implementation of application for security monitoring of network communication of other applications in mobile device with Android platform. Provides users information about security risks that may harm his/her privacy or device. It uses a local VPN to tunnel all data sent to the wireless network. These can be linked to an application that has sent them because the Android kernel is derived from the Linux kernel and can be used to retrieve information about established network connections and the application identifier associated with the connection. This mapping allows to get more information about an app that is potentially dangerous for your mobile device.
|
|
|
System for Parallel Processing of URL Requests
Horáček, Jan ; Matoušek, Petr (referee) ; Ráb, Jaroslav (advisor)
The work treats of programming multithreaded application, focused on processing the demands for URL calling. The application was programmed in the ANSI norm of the language C. It runs as independent daemon, which must faciliate, in maximum possible scale, searching for demands, which weren't successfully processed. For URL calling it uses the library libCURL and installing in station of package autotools.
|
|
|
Extraction of Decrypted Data from SSL Connection
Pastuszek, Jakub ; Veselý, Vladimír (referee) ; Grégr, Matěj (advisor)
Cílem této práce je vyvinout aplikaci schopnou dešifrovat zabezpečená spojení a přeposlat dešifrovaná data na jinou stanici v síti pro další analýzu. Daná aplikace vybízí k nelegálním účelům, avšak zamýšleným použitím výsledného produktu jsou legální odposlechy. Pro tuto práci byla z množiny nástrojů vybrána aplikace SSLsplit díky jejím vlastnostem a výkonnosti. Toto rozhodnutí bylo na základě srovnávacích testů a porovnání vlastností. Pomocí vlastního certifikátu SSLsplit podepisuje certifikáty cílových serverů, které jsou vytvářené za běhu. Spuštěná aplikace běží v režimu transparentní proxy přímo na centrálním prvku dané sítě (routeru). SSLsplit provádí man-in-the-middle útok mezi klientem a serverem bez toho, aby to některá ze stran zaznamenala. Dále umožnuje dešifrovaný obsah odeslat na předem daný uzel v síti pro jeho další zpracování. Pro možnost snažší konfigurace SSLsplitu byla implementována integrace do netc rozhraní. Aplikace byla otestována za účelem zjištění jejich výkonnostních limitů. Výkonnostní testy výsledného řešení ukazují značný pokles počtu transakcí za sekundu (TPS) při použití SSLsplit v porovnání s pouhým přeposíláním provozu. Funkce zrcadlení významně neovlivňuje počet TPS ani neomezuje samotný SSLsplit. Výsledky ukazují, že SSLsplit je schopen reálného provozu s určitým omezením.
|
|
|
Analyzer of Web Application Optimization and Security
Štrbák, Boris ; Polčák, Libor (referee) ; Bednář, Martin (advisor)
The goal of this project was to create a web application that would automate the regular analysis of individual pages of the site and present obtained information to the user. Final product is a Single-Page application (SPA) created using JavaScript framework Vue.js with the Vuetify library. The server part, which contains REST API and scanning and analysis processes, is implemented in the PHP framework Laravel. Both parts are designed to run in a containerized environment. Docker is used for this purpose. The first part of the thesis describes the issues of site optimization, security and SEO. The mentioned findings were then used in the implementation itself.
|
|
|
Privacy-Preserving Web Browser Extension
Červinka, Zbyněk ; Lichtner, Ondrej (referee) ; Polčák, Libor (advisor)
This thesis deals with security, privacy, and anonymity on the internet. In this thesis are described tracking mechanisms and approaches that are being used to collect and send away users' personal information. Information that leaks using this tracking approaches can be used to identify user, to monitor and analyze his behavior on specific web pages and several leaked pieces of information can be misused (for example the leaked credit card number or password). In this thesis is described and tested the functionality and reliability of several current web add-ons providing the protection on the internet. New security increasing web add-on has been designed and developed to demonstrate a technique, that redefines and wraps the original JavaScript implementation of several functions and objects, the wrapping is executed before the visited web page starts processing the source code. Running the wrapping code at this time will ensure, that no other code in loaded web page will ever have access to the original implementation. This add-on is also well-tested. The final thesis' stage provides a great amount of possibilities to improve implemented add-on.
|
guest ::
