|
|
Side channels
Kolařík, Jan ; Sobotka, Jiří (referee) ; Martinásek, Zdeněk (advisor)
This Master Thesis deals with the side channels, AES encryption algorithm and the use of neural networks to obtain the encryption key. The first part of this work is focused on the basics of cryptography and attacks on cryptographic module. The second part is focused on electromagnetic side channel attack on PIC16F84A microcontroller with embedded AES algorithm. In this section, the Master Thesis tries to analyze electromagnetic emissions of operation S-Box in AES algorithm and try to find sensitive information to use neural network identify encryption key of the AES algorithm. In conclusion is described the software source code to determine the encryption key, summarized results and discussed ways to defend against electromagnetic side channel attack.
|
|
|
Advanced Methods to Multimedia Data Protection
Mikulčík, Ondřej ; Zukal, Martin (referee) ; Číka, Petr (advisor)
To protect the the copyright of multimedia works have been developed watermarking techniques, that insert an invisible watermark to the original data. The aim of this thesis was to explore modern watermarking techniques, choose three of them and realize them. Also test them, evaluate their properties and possibly improve them. All methods insert a watermark into luminance component of the original image, and work with binary or black and white watermark. All techniques work in the frequency domain using discrete wavelet transform. For the implementation of methods, have been developed software named "Watermarking" that has been programmed in JAVA Version 7. The first chapter describes the types of watermarks, the general process of insertion and extraction, watermarking systems and important feature requests of embedded water- marks. In addition, qualitative methods are mentioned for their comparisons and testing. The chapter also contains a theoretical description of the used transformations and functions. In the second chapter is described the user interface of the software "Water- marking". Chapters three and four contain a theoretical description of the implemented methods and description of implementation of insertion and extraction processes of the watermark. Also there are discussed the exact procedures for testing, the sample data, and the results which are clearly displayed in the tables. The fifth chapter discusses in detail the results obtained in testing the robustness of the watermark, using the software StirMark. In the conclusion are evaluated the advantages and disadvantages of methods and quality parameters.
|
|
|
Tool for SQL Injection Vulnerability Detection
Kutypa, Matouš ; Samek, Jan (referee) ; Barabas, Maroš (advisor)
The Bachelor thesis is focused on the issue of SQL injection vulnerabilities. The thesis presents commonly used procedures in the attacks against information systems and are also discussed possibilities of defense including the correct ways of input validation. The theoretical part contains the essential foundation of what should the penetration tester know, to be able to examine the inputs of application for SQL injection vulnerability. The thesis also describes analysis, design and implementation of specialized tool for Web application vulnerability detection. The implemented tool was tested and compared with other existing tools. Within the thesis has been also implemented a Web application, which demonstrates many different variants of SQL injection vulnerable inputs.
|
|
|
Cluster analysis of data traffic
Nagyová, Simona ; Martinásek, Zdeněk (referee) ; Blažek, Petr (advisor)
This thesis is meant to present the methods of cluster analysis, their use for detecting network traffic anomalies. It deals with various types of cyber attacks particularly DoS (DDoS) attacks. It contains a list of well-known DoS attacks. Also includes a program in Python, using the k-means method for detection of anomalous traffic.
|
|
|
Automatization of MitM Attack for SSL/TLS Decryption
Marušic, Marek ; Lichtner, Ondrej (referee) ; Pluskal, Jan (advisor)
SSL/TLS are protocols used to encrypt network traffic. They provide secure communication between clients and servers. The communication can be intercepted with MitM attack. This paper is aimed to describe the automatization of MitM attack and demonstrate its results. The automatization is done by MitM probe and a python script, which configures the probe and starts the attack. The script is easy to use, without great effort. It takes care of configuration of the probe, then it starts the tools used for network traffic capture and at last it starts MitM tools to perform the attack. During the MitM attack, users are warned by client applications about insecure connection. The client applications either provide an option to establish a connection anyway or it forbids clients to establish the connection with insecure parameters. In this paper, the users can learn what are SSL/TLS protocols and about a possibility how to intercept the network traffic encrypted by these protocols.
|
|
|
Performance tests of cryptographic algorithms
Pospíšil, Karel ; Martinásek, Zdeněk (referee) ; Sobotka, Jiří (advisor)
Bachelor's thesis deals with analysis of the various cryptographic algorithms that are used for securing communications. The first part is devoted to symmetrical cryptographic algorithms, asymmetric cryptographic algorithms and hashing functions. The second part deals with the security classification and attacks that are used to attack cryptographic algorithms and hash function. The third part deals with the selected testing algorithm RC4 and MD5 hashed function for using CrypTool. The final section provides an evaluation and test results of algorithm RC4 and MD5 hashing function.
|
|
|
Design of the laboratory task for attack on fingerprint authentication
Spurný, Jiří ; Vyoral, Josef (referee) ; Burda, Karel (advisor)
This thesis deal with personal fingerprint authentication and contains basic types of fingerprint readers included their principles of working. In this thesis are collected published attempts to this type of biometric authentication and in detail described way, how these attempts were realized . Realization of lab measurement is mentioned in practical part of thesis, is designed based on collected and evaluated information. Tendency for realization was to use materials and procedures which are available on market as well as computer technology. So no special equipment is needed for realization. Practical part describes in detail procedures for papillary lines capturing and their electronic processing. Described is also way to break through optical finger print sensor. For confirmation of procedure was made 12 artificial finger casts from Lukopren material. There casts were used to attempt on optical sensor Microsoft Fingerprint Reader with 100% success. Based on realized tests to produce artificial casts was proposed procedure for realization of laboratory measurement. This procedure is described in main part of this thesis. Proposed procedure has been confirmed in 90 minutes time limit, based on requirement to achieve time limit of school training session.
|
|
|
Extension of Behavioral Analysis of Network Traffic Focusing on Attack Detection
Teknős, Martin ; Zbořil, František (referee) ; Homoliak, Ivan (advisor)
This thesis is focused on network behavior analysis (NBA) designed to detect network attacks. The goal of the thesis is to increase detection accuracy of obfuscated network attacks. Methods and techniques used to detect network attacks and network traffic classification were presented first. Intrusion detection systems (IDS) in terms of their functionality and possible attacks on them are described next. This work also describes principles of selected attacks against IDS. Further, obfuscation methods which can be used to overcome NBA are suggested. The tool for automatic exploitation, attack obfuscation and collection of this network communication was designed and implemented. This tool was used for execution of network attacks. A dataset for experiments was obtained from collected network communications. Finally, achieved results emphasized requirement of training NBA models by obfuscated malicious network traffic.
|
|
|
Safe Cryptography Algorithms
Zbránek, Lukáš ; Schäfer, Jiří (referee) ; Chmelař, Petr (advisor)
In this thesis there is description of cryptographic algorithms. Their properties are being compared, weak and strong points and right usage of particular algorithms. The main topics are safeness of algorithms, their bugs and improvements and difficulty of breaching. As a complement to ciphers there are also hash functions taken in consideration. There are also showed the most common methods of cryptanalysis. As a practical application of described algorithms I analyze systems for secure data transfer SSH and SSL/TLS and demonstrate an attack on SSL connection. In conclusion there is recommendation of safe algorithms for further usage and safe parameters of SSH and SSL/TLS connections.
|
|
|
Mobile Application for DNS Vulnerabilities Testing
Béder, Michal ; Ovšonka, Daniel (referee) ; Kováčik, Michal (advisor)
The aim of this thesis is to show the way how to implement an Android application, which allows full control over DNS packets creation. This was achieved by partial implementation of the application in C++ programming language. Furthermore, in this thesis are described topics as Android security model and possibilities of combining native and Java code. Resulting application allows to generate network attacks, which are exploiting some of the known DNS vulnerabilities.
|
guest ::
