|
|
Strong Unilateral Authentication of Low-cost Devices Involved in Internet of Things in Smart Homes
Člupek, Vlastimil
In this paper we focused on authentication of low-cost devices involved in Internet of Things (IoT) in smart homes. We proposed a unilateral authentication protocol for authentication of low-cost devices involved in IoT with a Control Unit (CU) of a smart house. The protocol allows secure transmission of secret information between communication entities. Only cryptographic primitives as Hash functions, XOR operations and Physical unclonable functions (PUFs) are necessary for execution of the protocol. Security of the proposed protocol is described.
|
|
|
Methods of steganography
Obdržálková, Karolína ; Blažek, Petr (referee) ; Člupek, Vlastimil (advisor)
This bachelor thesis deals with steganography, its types and methods. Steganography is generally described in this work. A significant part of this thesis is devoted to the development of steganography and also describes how is steganography used for malware and copyright protection. The next part describes the types of steganography according to the type of carrier, their methods and properties of steganographic methods. Based on theoretical knowledge, an application with a graphical user interface was created to hide and reveal secret information using steganographic method LSB. This application is described in the final part together with the evaluation of security of hidden information.
|
|
| |
|
|
Digital certificates and certificate authorities
Lepa, Ondřej ; Hajný, Jan (referee) ; Člupek, Vlastimil (advisor)
This diploma thesis deals with certification and certification authorities, certification path PKI and principles of its validation and security. Also deals with structure of certificate itself and possible misuse of included information. Moreover, possibility of misues of third party certificates and proclamation of untrusted certificate to client's system.
|
|
|
Access control system using multilevel authentication
Cvrček, Tadeáš ; Člupek, Vlastimil (referee) ; Dzurenda, Petr (advisor)
The master's thesis focuses on authenticated key agreement protocols and their implementation on MultOS smart cards platform and devices running Google Android operating system. Implemented applications use NFC (Near Field Communication) interface for communication with cellphone, Bluetooth technology for communication with smart watch and smart card as SAM (Secure Access Module) module in a verifier role. The source code is universal, so it is possible to use it in other projects.
|
|
|
Methodology for testing the security and performance of firewalls
Sasko, Dominik ; Člupek, Vlastimil (referee) ; Frolka, Jakub (advisor)
This bachelor thesis focuses on analysis of security and performance of firewalls and designing a methodology for testing them. Theoretical part is devoted to explaining firewalls and its' division and describing functions of next generation firewalls. Beginning of practical part focuses on testing security using penetration programs and shows results of each security test. Practical part continues with performance tests in various scenarios using Spirent Avalanche and compares the results with values stated by the manufacturer of firewall Hillstone.
|
|
|
Cyber Attacks in JMeter
Klimeš, Jan ; Člupek, Vlastimil (referee) ; Číka, Petr (advisor)
Bachelor thesis deals with the security of computer networks based on TCP/IP protocol stack. The main aim is to create extension modules for application JMeter that add features to the software generate DoS attacks, SYN flood, UDP flood, DNS Server attack and DNS Amplification using applications Trafgen. The theoretical part generally describes cyber attacks, associated with network protocols and application JMeter itself. The practical part contains a description of the graphical interface of the expansion modules, each class which the modules consist of and test results.
|
|
|
End-to-end encryption protocol for IEEE 802.15.4
Bača, Jaromír ; Člupek, Vlastimil (referee) ; Krajsa, Ondřej (advisor)
Tato práce se zabývá problematikou šifrování komunikace mezi nízkonapěťovými zaří-zeními, které jsou ovládány pomocí mikrokontrolerů. V rámci práce byly používány dvěvývojové desky deRFnod, které byly osazeny čipy AVR ATmega 128 RFA1, které umož-ňují bezdrátovou komunikaci. Na těchto zařízeních probíhal vývoj a testování aplikace.Finálním výstupem práce je návrh aplikace pro asymetrickou výměnu klíčů, která jezaložena na eliptických křivkách. Tato aplikace je implantována v Atmel LightWeight,kde je i řešena otázka vzájemné komunikace mezi komunikujícími body. Vygenerovanýklíč je dále použit pro širfování komunikace pomocí šifrovacího algoritmu AES, který jejiž implementován ve využitém LightWeigt protokolu. Toto šifrování umožňuje nejenomšifrování koncových bodů, ale i komunikačního tunelu. Taková ochrana poskytuje uži-vatelům anonymitu dat a znemožňuje nebo velmi znesnadňuje potenciálním útočníkůmzařízení fyzicky lokalizovat na základě znalosti směrování dat v síti.
|
|
|
Data-efficient security of cloud storages
Elis, Martin ; Fujdiak, Radek (referee) ; Člupek, Vlastimil (advisor)
This work is focused on problematics of a cloud solution, especially on its security side. It describes the current security trends and approaches used by security engineers when creating sophisticated designs of secure cloud systems. As part of it there is a risk analysis and an overview of the most common types of attacks led against the cloud solutions. Also, this document deals with the possibilities, principles, advantages and negatives of different types of cloud distributions. Another text deals with the usual methods used for accessing the cloud. This thesis contains author’s own design of possible realization. In the next part of the document, process of building a safe cloud data storage is described together with principles of ensuring its security. In the conclusion, the author focuses on comparison of cryptographic algorithms and their behavior depending on the length of a used keys.
|
|
|
Implementation of plugins for JMeter
Švehlák, Milan ; Člupek, Vlastimil (referee) ; Martinásek, Zdeněk (advisor)
This thesis discusses the load testing tool JMeter and its opportunities for expansion by modules carrying out cyber attacks of the type Denial of Service (DoS). To begin with, there is a theoretical overview of cyber attacks of this type. The following chapter, talks about the JMeter tool, namely its functions and expansion options. After that, it is proceeded to the actual design and realization of the modules. The module implementing the attack HTTP Flood is created first. This module uses internal functions of the program JMeter. This new module is tested. Next chapter folows the procedure of creating modules, that use external generator of network traffic. Modules SYN Flood, ICMP Flood and NTP Flood are implemented using the generator Trafgen. Module implementing attack Slowloris uses a Python script as a generator of the attack. Finally, all the new modules are tested.
|
guest ::
