|
| |
|
|
Security verification tool for industrial and energy equipments
Sagindykova, Anel ; Kuchař, Karel (referee) ; Blažek, Petr (advisor)
Cílem této práce je analyzovat různé vyhledávače a vybrat ty nejvhodnější pro vytvoření nástroje k testování průmyslových a energetických zařízení z pohledu bezpečnosti. Bylo provedeno porovnání mezi Shodan, ZoomEye, Nexpose, Censys a BinaryEdge. Tyto vyhledávače byly porovnávány podle různých kritérií, například výkonnosti a jejich dalších veřejně dostupných informací. Jako nejvhodnější byly vybrány Shodan a ZoomEye a pomocí těchto vyhledavačů byla vytvořena webová aplikace. Tato aplikace je schopna načítat výsledky vyhledávání ze serverů pomocí jejich rozhraní API a je schopna je ukládat do databáze. Součástí práce je popis průmyslových a energetických protokolů, sítí a jejich bezpečnostních prvků. V rámci práce byl také popis několika nejznámějších útoků na tyto sítě. Posledním cílem práce je provést testování a evaluaci realizovaného nástroje na minimálně dvou zařízeních.
|
|
|
Emulation of Attacks on SCADA/ICS Communication
Grofčík, Peter ; Grégr, Matěj (referee) ; Matoušek, Petr (advisor)
The goal of this master's thesis is to emulate suitable network attacks on the control communication of ICS/SCADA systems with a subsequent design and implementation that can detect them. The first part of the work consists of categorization and acquaintance with individual types of attacks on industrial networks. Using classified datasets combined with a research of available datasets, in the next chapter I describe the selection of suitable attacks, which are at least indirectly related to control communication and are also feasible on virtual devices that are communicating using the IEC104 protocol, which I chose for my work. I then perform the selected attacks and record their progress in a set of PCAP files. Those files form the input for the next part that concerns anomaly detection using statistical methods.
|
|
|
Creating an industrial scenario using WinCC Unified
Šotola, Bohuslav ; Blažek, Petr (referee) ; Pospíšil, Ondřej (advisor)
This bachelor thesis is devoted to the Creation of industrial scenario by means of using WinCC Unified. WinCC Unified is a visualization tool supporting remote access via the web without the necessity to install softwares. The urgency for using this technology results in particular from the introduction of digitization and the associated simplification of industrial processes. The issue of remote communication is discussed at first which is followed by a description of the basic functions of WinCC Unified. Then various communication scenarios are processed which are the main target of the bachelor’s thesis together with the creation of the HMI library. The work is ended by the topic of analysis of communication load between HMI and PLC depending on the number of animated objects on the HMI screen.
|
|
|
Impact Of Active Scanning On The Industrial Control Networks
Pospíšil, Ondřej
This article deals with the impact of active scanning on industrial networks. The impacton industrial networks is commented from the perspective of the penetration tester methodology.This topic is important because active scan tools are affordable and easy to use, and their intrusiveimpact on industrial devices can be critical. The article’s main goal was to evaluate the impact on theindustrial network from the penetration tester point of view using the most popular tools for activenetwork scanning. In order to demonstrate and evaluate the results, an industrial testbed based on realindustrial hardware was built for the article. The article also demonstrated how to use the informationobtained by scanning for a Denial of Service attack.
|
|
|
An Appropriate Strategy For Detecting Security Incidents In Industrial Networks
Kuchař, Karel ; Holasová, Eva
This paper is focused on environment of critical infrastructure and inadequate security problem. Industrial network typically works with old devices and a potential update may cause delay in the production and costs a lot of money. That is the reason why additional devices improving security of all system must be introduced. Tools like IDS/IPS (Intrusion Detection System/Intrusion Prevention System) are great for detecting anomalies and defining signatures in the network traffic. For such types of the network it is critical proper handling of security issues and generated alerts.
|
|
|
Content Gap Analysis Of Current Cyber-Security Challenges Of Industrial Control Systems
Pospíšil, Ondřej
This paper deals with the analysis of current research papers dealing with cybersecurity in industrial control systems. The analysis is focused on terminology and deals with possible directions to follow in future research. The article also describes current literature on this issue and recommends some sources to obtain information. The summary provides possible directions to follow in cybersecurity research in ICS.
|
|
|
Cyber security testing in an environment of operational technology
Kuna, Erik ; Pospíšil, Ondřej (referee) ; Paučo, Daniel (advisor)
The topic of this work is security testing in connection with operational technology networks. The theoretical part covers description of operational technology, analysis of the current state of security in such networks and the methodology for penetration testing in this context. A section is devoted to protocols relating to said networks, comprising their characteristics, comparison of the same and related advantages and disadvantages. The theoretical part aids comprehension of the practical section, which details design and implementation of a suitable environment for testing and performing security in ICS/SCADA. Therein, emphasis is placed on security issues that pertain to the ModBus protocol.
|
|
|
Appropriate strategy for security incident detection in industrial networks
Kuchař, Karel ; Blažek, Petr (referee) ; Fujdiak, Radek (advisor)
This diploma thesis is focused on problematics of the industrial networks and offered security by the industrial protocols. The goal of this thesis is to create specific methods for detection of security incidents. This thesis is mainly focused on protocols Modbus/TCP and DNP3. In the theoretical part, the industrial protocols are described, there are defined vectors of attacks and is described security of each protocol. The practical part is focused on the description and simulation of security incidents. Based on the data gathered from the simulations, there are identified threats by the introduced detection methods. These methods are using for detecting the security incident an abnormality in the network traffic by created formulas or machine learning. Designed methods are implemented to IDS (Intrusion Detection System) of the system Zeek. With the designed methods, it is possible to detect selected security incidents in the destination workstation.
|
|
|
Cyber-environment for systems of ICS/SCADA type
Váňa, Martin ; Blažek, Petr (referee) ; Fujdiak, Radek (advisor)
The thesis explores the problematics of cyber environment for the ICS/SCADA systems. First, shorter section is mainly focused on general introduction into the ICS/SCADA systems and their inner workings. Communication model of a general SCADA system and its foundational elements are explained. It is mainly theoretical passage and it serves as an introduction. It is necessary for understanding the second part which is mainly practical. The appropriate system is chosen as a first thing in the practical part of the thesis for the implementation of the whole project. There are defined criteria on which the system itself is implemented. Following that the system itself is implemented under a framework called openMUC and it is tested with help of the simulators according to the objective of the thesis.
|
guest ::
