|
|
DYNAMIC BIOMETRIC SIGNATURE AS AN EFFICIENT TOOL FOR INTERNAL CORPORATE COMMUNICATION
Hortai, František ; Jašek, Roman (referee) ; Dočkal, Jaroslav (referee) ; Dostál, Petr (referee) ; Smejkal, Vladimír (advisor)
The aim of this thesis is to provide comprehensive information on the possibilities of authentication, combination of authentication factors and the integration of this issue into corporate communication. The work focuses on this issue and specifies the possibilities for obtaining authentication information, analyses the authentication methods, identification and authorization. It examines the applicability of biometric technologies, the principle of their functionality, examples of their use, their impact, the advantages and disadvantages they bring. A natural, easy-to-use, convenient tool for effective and secure communication is authentication including the dynamic biometric signature. The issues of the dynamic biometric signature technology and its implementation are examined from a comprehensive perspective involving experiments. The research proved that the dynamic biometric signature can serve as a method for supporting secure corporate communication and reduce authentication risks in companies and for individuals.
|
|
|
Penetration test of camera system
Slaný, Radek ; Martinásek, Zdeněk (referee) ; Paučo, Daniel (advisor)
This bachelor thesis is dedicated to penetration testing of camera system ADEROS. Virtualized testing enviroment was created for purposes of penetration testing. This enviroment was reachable via VPN. In the first part of the practical part was performed scanning of the camera system. In the second part of the practical part was selected a methodology according to results from the first part. In this part is also described process of the penetration testing of the camera system as well as process of stress testing of the web interface. In third part of practical part were results of penetration testing processed into report. Main goal of this thesis is realization of penetration and stress testing, processing the results into clear report and recommendation to remediate found vulnerabilities.
|
|
|
Security exercises for ethical hacking
Paučo, Daniel ; Lieskovan, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
This master thesis deals with penetration testing and ethical hacking. Regarding to the layout of the thesis there was prepared appropiate enviroment to realize Red/Blue team exercise, where Red team is in a role of the attacker and Blue team is in a role of defender of the network infrastructure. Whole infrastructure is implemented in a cloud virtual enviroment of VMware vSphere. Second part of the thesis consists of preparation and creation of the exercise to test web application security. Third part of the thesis is dedicating to the automatization of redteaming. Main focus of this master thesis is to demonstrate different attack vectors how to attack the network infrastructure and web applications and use of the defense mechanisms to avoid this kinds of attacks.
|
|
| |
|
| |
|
|
Increasing security awareness in the company
Novák, Petr ; Sedlák, Petr (referee) ; Ondrák, Viktor (advisor)
The master’s thesis is focused on increasing security awareness in the company. The first chapter contains the theoretical background, which is necessary for creating a security education system. The second chapter deals with the analysis of the current situation, which is needed for determinating the need to increase security awareness. The third and last chapter contains the design of the education system itself.
|
|
|
Identification and characterization of malicious behavior in behavioral graphs
Varga, Adam ; Burget, Radim (referee) ; Hajný, Jan (advisor)
Za posledné roky je zaznamenaný nárast prác zahrňujúcich komplexnú detekciu malvéru. Pre potreby zachytenia správania je často vhodné pouziť formát grafov. To je prípad antivírusového programu Avast, ktorého behaviorálny štít deteguje škodlivé správanie a ukladá ich vo forme grafov. Keďže sa jedná o proprietárne riešenie a Avast antivirus pracuje s vlastnou sadou charakterizovaného správania bolo nutné navrhnúť vlastnú metódu detekcie, ktorá bude postavená nad týmito grafmi správania. Táto práca analyzuje grafy správania škodlivého softvéru zachytené behavioralnym štítom antivírusového programu Avast pre proces hlbšej detekcie škodlivého softvéru. Detekcia škodlivého správania sa začína analýzou a abstrakciou vzorcov z grafu správania. Izolované vzory môžu efektívnejšie identifikovať dynamicky sa meniaci malware. Grafy správania sú uložené v databáze grafov Neo4j a každý deň sú zachytené tisíce z nich. Cieľom tejto práce bolo navrhnúť algoritmus na identifikáciu správania škodlivého softvéru s dôrazom na rýchlosť skenovania a jasnosť identifikovaných vzorcov správania. Identifikácia škodlivého správania spočíva v nájdení najdôležitejších vlastností natrénovaných klasifikátorov a následnej extrakcie podgrafu pozostávajúceho iba z týchto dôležitých vlastností uzlov a vzťahov medzi nimi. Následne je navrhnuté pravidlo pre hodnotenie extrahovaného podgrafu. Diplomová práca prebehla v spolupráci so spoločnosťou Avast Software s.r.o.
|
|
|
Analysis of the GlobeImposter ransomware
Procházka, Ivo ; Komosný, Dan (referee) ; Martinásek, Zdeněk (advisor)
The aim of this diploma thesis is to analyze an instance of the GlobeImposter ransomware extracted from an affected device. The first part outlines various types of malware and ransomware and includes a description of encryption mechanisms and key distribution systems. It also discusses possible approaches of static and dynamic analysis of malware samples and requirements for test environments. The practical part describes the source of the malware sample, the physical and virtual test environment and the results of the static and dynamic analysis of the GlobeImposter ransomware. The final part discusses the results and the possibility of implementing a decryptor for the analyzed GlobeImposter ransomware.
|
|
|
Non-security of the Czech Army's soldiers on social networks
Kulhánek, Jan ; Ludvík, Jan (advisor) ; Kučera, Tomáš (referee)
The aim of this thesis is to examine the risk of the Czech Army not being properly secure on social networks, the behaviour of its uniformed members and their positive identification of social networking sites. The Russian aggression in the Ukraine and the hacking of Czech medical facilities have once again brought up the importance of cybersecurity and the role that it plays in the modern world, with the human factor being positively identified as the weakest link in security. This case study seeks to define the ideal types of soldier behaviour on social media and to analyse the potential risks that each type poses. To this end, this thesis first presents information necessary to fully understand the vast topic of cybersecurity on social media. Next, it defines several ideal types and their building blocks, in order to categorize the social media accounts of soldiers it later analyses. The author concludes that each defined ideal type has inherently problematic behaviours associated with it and carries with it a level of risk for the Army of the Czech Republic. However, the present user and family member ideal types were found to be the riskiest. Key words OSINT, SOCMINT, NATO, Czech Armed Forces, Cybersecurity, Security, Social media, Ideal type analysis, Social engineering Title The insecurity...
|
|
|
Autonomous Vehicles Liability Insurance
Hořavová, Maria ; Vybíral, Roman (advisor) ; Tuláček, Michal (referee)
Autonomous Vehicles Liability Insurance Abstract The diploma thesis is focused on the issue of autonomous vehicles and its liability insurance as it is a very current topic, as evidenced by extensive discussions across the professional and lay public. The aim of this thesis is to analyse the currently existing legal framework at national, EU and international level and to clarify whether the current legal framework is sufficient for the operation of autonomous vehicles. The liability insurance system itself and the principles of its operation are also analysed with regard to their suitability for autonomous transportation. Where deficiencies are identified, de lege ferenda considerations are outlined, and expected changes as well as appropriate solutions are identified. In addition, the diploma thesis provides a meaningful introduction to the principles of autonomous vehicles and discusses other areas closely related to liability insurance for damage caused by the operation of autonomous vehicles. The diploma thesis is divided into five separate chapters. These chapters are structured in such a way that the reader first gains an understanding of the topic and becomes familiar with the complex system of autonomous vehicles. In the first chapter, the reader is introduced to the concept of an autonomous...
|
guest ::
