|
|
Security Analysis of Immersive Virtual Reality and Its Implications
Vondráček, Martin ; Ryšavý, Ondřej (referee) ; Pluskal, Jan (advisor)
Virtuální realita je v současné době využívána nejen pro zábavu, ale i pro práci a sociální interakci, kde má soukromí a důvěrnost informací vysokou prioritu. Avšak bohužel, bezpečnostní opatření uplatňovaná dodavateli softwaru často nejsou dostačující. Tato práce přináší rozsáhlou bezpečnostní analýzu populární aplikace Bigscreen pro virtuální realitu, která má více než 500 000 uživatelů. Byly využity techniky analýzy síťového provozu, penetračního testování, reverzního inženýrství a dokonce i metody pro application crippling. Výzkum vedl k odhalení kritických zranitelností, které přímo narušovaly soukromí uživatelů a umožnily útočníkovi plně převzít kontrolu nad počítačem oběti. Nalezené bezpečnostní chyby umožnily distribuci škodlivého softwaru a vytvoření botnetu pomocí počítačového červa šířícího se ve virtuálních prostředích. Byl vytvořen nový kybernetický útok ve virtální realitě nazvaný Man-in-the-Room. Dále byla objevena bezpečnostní chyba v Unity engine. Zodpovědné nahlášení objevených chyb pomohlo zmírnit rizika pro více než půl milionu uživatelů aplikace Bigscreen a uživatele všech dotčených aplikací v Unity po celém světě.
|
|
|
Security Metrics of SAP Platform
Třeštíková, Lenka ; Barabas, Maroš (referee) ; Kačic, Matej (advisor)
Main goal of this thesis is analyzing potential security risks of the SAP NetWeaver platform and identifying various vulnerabilities, that are results of poor system configuration, incorrect segregation of duties or insufficient patch management. Methodology for platform evaluation is defined by vulnerabilities, security requirements and controls will be created.
|
|
|
Firewall Security Analysis
Cigánek, Josef ; Burda, Karel (referee) ; Hajný, Jan (advisor)
The bachelor essay is about security analysis and stress testing of firewalls. The main goal is to create a testing environment for eavesdropping of all communication of the firewall, on the principal of security analysis of the hardware firewall and stress testing with device Spirent Avalanche. The theoretical part of the essay is informing the readers about the problems surrounding firewall, security audits and penetration tests. The following practical part consists of commenting on the results of chosen security analysis and stress testing, applied in a laboratory for the hardware firewalls Hillstone SG-6000-G2120 and SG-6000-M7260.
|
|
|
Security analyse of organization
Cahová, Veronika ; Doc. Ing. Otakar Smolík, CSc., MBA (referee) ; Kříž, Jiří (advisor)
The Bachelor's thesis "Organization Security Analysis" deals with the problems of data protection in conection with physical, human resources and administrative security. It is concerned with several significant areas that have a bearing on national institution security - especially with security policy, the personality of manager, assessment of threats and risk levels, as well as with prevention and with specific procedures of solving of security incidents.
|
|
|
Benchmarks and test facilities of VVER reactors
Šimek, Ondřej ; Foral, Štěpán (referee) ; Vojáčková, Jitka (advisor)
The aim of this bachelor’s thesis is to describe the topic of benchmarks and test facilities for pressurized water reactors of the eastern concept VVER type. The theoretical part introduces the VVER type reactors, their history, the development of separate generations, including fundamental differences and parameters of the VVER type reactors being used so far. Next two chapters of the theoretical part focus on nuclear safety and security, describing the uppermost Czech authorities, which are SÚJB, MAAE and NEA. Furthermore, many terms concerning nuclear safety are explained in these two chapters. The next chapter is focused on deterministic safety analyzes, their classification, methods and purposes. The aim of this part is also to explain the verification and validation of computing codes. The next chapter offers insight into test facilities which are crucial for evaluation and testing of nuclear devices and computing codes. The last chapter of the theoretical part focuses on the VVER type reactor benchmarks. The practical part of this thesis presents the conversion of a single AER Benchmark FCM_001 using neutron physical code PARCS. The results are compared to the results of CRONOS computing code.
|
|
| |
|
|
Model of small air press
Uherek, Vítězslav ; Macho, Tomáš (referee) ; Štohl, Radek (advisor)
This thesis deals with design construction of laboratory model of air press and also proposes of safety measures for this machine. Before the design itself, norms concerning machinery construction were surveyed. There are two norms mentioned in the text ČSN EN 61 508 and ČSN EN ISO 13489-1. Next part shows practical demonstration of machine safety analysis using SISTEMA software tool. Changes to the safety measures were made according to the result of this analysis. Important part of this thesis is also design of control software for the air press in RSlogix5000 environment using Ladder logic and also created visualization of pressing process and show up on to visualization panel PanelView 700.
|
|
|
Support for education of biometric access systems
Navrátil, Petr ; Herencsár, Norbert (referee) ; Burda, Karel (advisor)
This thesis describes general function of biometric access systems and summarizes problems of their practical use. It also shows security risks of these systems. It defines basic terms, which are used in this area, describes kinds of errors and their representation. One part of this thesis deals with biometric method of fingerprints recognition. It explains fingerprints’ atomic basics, basic principles and processing of digital fingerprint image. Next part describes concrete biometric access system V-Station by Bioscrypt Inc. Besides basic description it focuses on technology of biometric sensor and algorithm, essential parts of biometric system. The thesis continues with security analysis of this concrete system. In this part I target on weak points of the system and I design possible attack on the system. In the last part of my thesis I designed laboratory exercise, which is supposed to be realized by student. It is composed it by several tasks to let students understand working with the system and attached software. At the same time, they have opportunity to think about system by themselves a make their own opinion about possibilities of the system. There are many pictures in this thesis to make term clear and to better understanding of problems of biometric security systems.
|
guest ::
