|
|
77 millions user accounts have been stolen, should we worry? Analysis of Internet discussions relevant to the topic
Gregor, Filip ; Švelch, Jaroslav (advisor) ; Nečas, Vlastimil (referee)
Diploma thesis 77 million PlayStation Network accounts stolen, does it affect us?: An analysis of Internet discussions revolving around this topic deals with the case of what so far seems to be the biggest case of user information leak on the Internet. The introduction outlines the history and development of PlayStation consoles and maps major attempts to jailbreak the last generation of the console by hackers. The following section presents PlayStation Network itself, whose users were at risk of the loss of their online identity because of the attack and chronologically describes the course of breach-related events including the subsequent theft of user data. It also focuses in detail on the case of GeoHot - a hacker whose dispute with Sony alienated fellow hacker community and initiated retaliatory activities which as a result led to loss of data. Another part of the thesis examines the issue of digital identity and its protection, gives an insight into the history of the formation of the hacker community and further explains the phenomenon of existence and perception of the term hacker in the context of the Internet. The final section is devoted to analysis of selected discussion posts under thematically relevant articles, analyzes them in terms of content relevance, information sentiment and...
|
|
|
Legal Aspects of Fighting Cybercrime
Dostál, Otto ; Vlček,, Martin (referee) ; Šárek, Milan (referee) ; Hajný, Jan (advisor)
The thesis deals with the topic of computer crime. Foremost, it demonstrates on an example of the operation of a medical image information processing system some selected aspects of this issue. It shows that it is always necessary to monitor the current state of the technical knowledge at the time, but also the need of addressing the issue within the corresponding legal limits. The thesis presents criminal law reality as a complex system. The links between different parts of the system are examined, and possible shortcomings are considered. The legal instruments and legal limits of the procedures that can be used against cybercrime are evaluated. The thesis focuses especially on the issue of obtaining evidence under the Czech Criminal Procedure Code. It presents a proposal on how to understand individual procedural legal institutes and for what purposes and how to use them. Consequently it suggests legal procedures for specific selected practical situations.
|
|
|
Design and Creation of Proxy for Penetration Testing
Válka, Michal ; Bláha, Lukáš (referee) ; Dydowicz, Petr (advisor)
This bachelor’s thesis is aimed at design and development of proxy for penetration testing. The thesis is divided into three main parts and begins with a theoretical part, which is focused on fundamental technologies and principles on which the application is based. The second part is focused on comparison of currently available solutions. The third part contains the creation of the proxy itself. The last chapter contains a summary of this thesis and the benefits of the developed product for penetration testing.
|
|
|
Cyber crime
Bartůněk, Jan ; Gřivna, Tomáš (advisor) ; Herczeg, Jiří (referee)
Development of information technology is one of the most dynamic parts of today's global society. Along with the coming of new technologies it generates new types of crime, eventually existing types of criminal activities in this area are moving from the real world to cyberspace. This rapid development of cyber crime enforces corresponding changes in the legislation related to cyberspace. In the Czech Republic the most fundamental changes in cyber crime law have been made along with the new Criminal Code. The new code has modified some areas, that were not mentioned by previous criminal code, refined or amended previous terminology related to cyberspace and added institutes required by international commitments, especially by the Convention on Cybercrime. The purpose of this diploma thesis on "Cyber crime" is to outline the issues of cyber-crime, point out some troubling topics, which are currently present in cyberspace, and outline possible future development of criminal law in cyberspace. In the beginning of the thesis there is a short summary of cyberspace and cyber crime history, that is followed by definitions of selected basic concepts of cyberspace and cyber crime. In the following chapters, there is a summary of current Czech legislation of selected areas and there some examples of such...
|
|
|
77 millions user accounts have been stolen, should we worry? Analysis of Internet discussions relevant to the topic
Gregor, Filip ; Švelch, Jaroslav (advisor) ; Nečas, Vlastimil (referee)
Diploma thesis 77 million PlayStation Network accounts stolen, does it affect us?: An analysis of Internet discussions revolving around this topic deals with the case of what so far seems to be the biggest case of user information leak on the Internet. The introduction outlines the history and development of PlayStation consoles and maps major attempts to jailbreak the last generation of the console by hackers. The following section presents PlayStation Network itself, whose users were at risk of the loss of their online identity because of the attack and chronologically describes the course of breach-related events including the subsequent theft of user data. It also focuses in detail on the case of GeoHot - a hacker whose dispute with Sony alienated fellow hacker community and initiated retaliatory activities which as a result led to loss of data. Another part of the thesis examines the issue of digital identity and its protection, gives an insight into the history of the formation of the hacker community and further explains the phenomenon of existence and perception of the term hacker in the context of the Internet. The final section is devoted to analysis of selected discussion posts under thematically relevant articles, analyzes them in terms of content relevance, information sentiment and...
|
|
|
Information systems security penetration testing
Klíma, Tomáš ; Doucek, Petr (advisor) ; Čermák, Igor (referee) ; Čapek, Jan (referee) ; Štubňa, Ivan (referee)
The aim of this dissertation thesis is to develop new methodology of information systems penetration testing based on analysis of current methodologies and the role of penetration tests in context of IS/IT governance. Integral part of this aim is evaluation of the methodology. The first part of the thesis is devoted to the presentation of history and current state of research in selected area, definiton of basic terms and introduction of role of the penetration tests. This part is followed by the review of relevant sources and comparative study of current methodologies with a goal to identify their weaknesses. Results from this study are further used as a basis for new methodology development. Classification of IS penetration tests types and testing scenarios are also included. The second part includes design of new methodology, at first its history, structure and principles are presented, then its framework is decribed in high level of detail. In the third part the reader can find (theoretical and practical) validation. The biggest scientific contribution is the methodology itself focused on managment of penetration tests (which is the area currently not sufficiently descibed). Secondary contribution is the extensive review and the comparative analysis of current methodologies. Contribution to the economic and technical (practical) application we can mainly see in the development of new methodology which enables companies to improve management of penetration tests (especially planning, operational management and implementation of countermeasures).
|
|
|
Websites in terms of security against attacks
Kučera, Jan ; Benda, Petr (advisor) ; Havránek, Martin (referee)
This bachelor thesis explains the security risks of web applications and their defense against damaging attacks. The issue is presented mostly from perspective of developers, therefore the introduction also mentions several principles of safe behavior on the internet from the user's perspective. Explained are the concepts of security risks in information technology and the concept of web applications. Thesis is based on the project OWASP Top 10 - 2013 made by OWASP Foundation, which defines the ten most critical security threats. There are explained also security methods of defending against some of the threats in the three most widely used PHP frameworks. The practical part presents examples of various attack scenarios of each security threat from the theoretical part. At the end, chosen frameworks are analyzed with penetration software on the private test server.
|
|
| |
|
|
Analysis of security and authentication of wireless networks
Kulíř, Tomáš ; Jeřábek, Jan (referee) ; Szőcs, Juraj (advisor)
This master's thesis deals with wireless networks, mainly about the WiFi. It deals with summary of individual security mechanism both theoretically and using them in real hardware. Mainly it is interested in the security of the individual mechanisms and their weaknesses, which cause rupture of security. At each chapter the ideas and methods, that the attackers are trying for infiltration of wireless networks and decrypt encryption WEP, WPA or WPA2, are outlined. The principle of the authentication of the WiFi by the authentication server and its options, which is connected with directory service LDAP, is also explained in this thesis. The penultimate chapter deals with the summary of security mechanisms and references that should be adhered by design of the WiFi for the provision of the high security. The ending of the master's thesis is devoted to social engineering and its most famous representatives.
|
|
|
Application for monitoring and controlling the security of large LAN and WAN computer networks
Maloušek, Zdeněk ; Polívka, Michal (referee) ; Novotný, Vít (advisor)
Computer networks are used in much wider extent than 20 years ago. People use the computer mainly for communication, entertainment and data storage. Information is often stored only in electronic devices and that is why the security of the data is so important. The objective of my thesis is to describe network security problems and their solutions. First chapter deals with the network security, security checks and attacks. It describes procedures used in practise. First part deals with traffic scanning and filtering at various layers of the TCP/IP model. Second part presents the types of proxy and its pros and cons. Network Address Translation (NAT) is a favourite technique of managing IP addresses of inside and outside network which helps to improve the security and lower the costs paid for IP addresses. NAT description, IPSec, VPN and basic attacks are described in this section. The second chapter of the thesis presents set of Perl scripts for network security checking. The purpose of the project is not to check the whole network security. It is designed for contemporary needs of IBM Global Services Delivery Centrum Brno. The first script checks running applications on target object. The aim is to detect services that are not necessary to run or that are not updated. The second one checks the security of the Cisco device configuration. There is a list of rules that has to be kept. The third script inspects the Nokia firewall configuration which is on the border of IBM network. If some of the rule is broken, it shows the command that has to be proceeded at the particular device. The output of the first and the second script is an HTML file. The third script uses the command line for the final report. The last part of this chapter gives advice to configure Cisco devices. It is a list of security recommendations that can be used by configuring e.g. routers. The appendix presents two laboratory exercises. The aim is to give students an opportunity to learn something about programs and technologies which are used in practise by IT experts to check the weaknesses of their networks.
|
guest ::
