|
|
Analyzis of Parallel Honeypot Tools
Antal, Lukáš ; Chmelař, Petr (referee) ; Drozd, Michal (advisor)
This bachelor thesis analyzes the selected shadow honeypot tool. The thesis explaines the need for having tool for early detection of a new type of cyber-attack. Shadow honeypot tool analyzed in the thesis is called Argos. Argos is one of the results of the international project called European Network of Affined honeypots (NoAH). The thesis includes thorough analysis and testing of Argos tool. The paper also includes implementation of Argos log files parsing utility.
|
|
|
SQL Injection Technique - its Methods and Methods of Protection
Bahureková, Beáta ; Sedlák, Petr (referee) ; Kříž, Jiří (advisor)
SQL injection is a technique directed against web applications using an SQL database, which can pose a huge security risk. It involves inserting code into an SQL database, and this attack exploits vulnerabilities in the database or application layer. The main goal of my thesis is to get acquainted with the essence of SQL injection, to understand the various methods of this attack technique and to show ways to defend against it. The work can be divided into these main parts, which I will discuss as follows.In the introductory part of the work I mention the theoretical basis concerning SQL injection issues. The next chapter is focused on individual methods of this technique. The analytical part is devoted to mapping the current state of test subjects, scanning tools, which form the basis for optimal research and testing of individual SQL methods, which are discussed in this part from a practical point of view along with the analysis of commands. In the last part I will implement SQL methods on selected subjects and based on the outputs I will create a universal design solution how to defend against such attacks.
|
|
|
Moving Toward Strategic Cyber War Theory? Analysis of Russian State-backed Cyber Attacks
Green, Joshua ; Erkomaishvili, David (advisor) ; Landovský, Jakub (referee)
This thesis analysed cyber-attacks conducted by two pairs of nation states (Russia/Ukraine and Iran/Israel) against each other, through the lens of Jan Kallberg's Strategic Cyberwar Theory in order to determine if elements of the theory are being applied and if so, how they are being applied. This thesis also attempts to give insights as to whether this represents a shift towards the Strategic Cyber War Theory becoming a practical reality. The thesis finds that elements of Kallberg's theory are clearly visible, to varying degrees, in the offensive campaigns conducted by all the nation states studied. Each nation state employed a different strategy in terms of which pillars of society and organisations were targeted. All the evidence points towards cyber-attacks becoming a more important tool for nation states pursuing their political and strategic goals. However, the notion of the Strategic Cyber War Theory becoming a reality is far more uncertain, with other tools likely to remain more important, particularly during wartime (such as the traditional branches of military service). If a level of technological sophistication can be reached where cyber-attacks can be conducted which have the disruptive capabilities of the NotPetya cyber-attack seen in 2017 but are able to be maintained over a...
|
|
|
Crime of Aggression under the Rome Statute of International Criminal Court
Voženílková, Tereza ; Lipovský, Milan (advisor) ; Flídrová, Eliška (referee)
1 Crime of Aggression under the Rome Statute of International Criminal Court, abstract Recent events in the world show that cyber-attacks can constitute one of the greatest threats to international peace and security. Cyber operations occurring in cyberspace present unique challenges to the international community beyond the scope of existing international law. While there is a consensus that international law should apply to cyberspace, perspectives on the qualification of cyber-attacks as the most serious crimes falling under the jurisdiction of the International Criminal Court remain divided. This paper discusses the definition of the crime of aggression under the jurisdiction of the International Criminal Court with a special focus on cyber-attacks. The aim of this paper is to answer the question whether cyber-attacks can be considered a crime of aggression under the Rome Statute. The first chapter discusses the historical development and the rather complicated process of adopting the definition of the crime of aggression over the years. The second chapter describes the various elements of the crime of aggression and the jurisdiction of the International Criminal Court and the Security Council over this crime. The definition of cyber- attacks and their difference from conventional attacks is discussed...
|
|
|
SQL Injection Technique - its Methods and Methods of Protection
Bahureková, Beáta ; Sedlák, Petr (referee) ; Kříž, Jiří (advisor)
SQL injection is a technique directed against web applications using an SQL database, which can pose a huge security risk. It involves inserting code into an SQL database, and this attack exploits vulnerabilities in the database or application layer. The main goal of my thesis is to get acquainted with the essence of SQL injection, to understand the various methods of this attack technique and to show ways to defend against it. The work can be divided into these main parts, which I will discuss as follows.In the introductory part of the work I mention the theoretical basis concerning SQL injection issues. The next chapter is focused on individual methods of this technique. The analytical part is devoted to mapping the current state of test subjects, scanning tools, which form the basis for optimal research and testing of individual SQL methods, which are discussed in this part from a practical point of view along with the analysis of commands. In the last part I will implement SQL methods on selected subjects and based on the outputs I will create a universal design solution how to defend against such attacks.
|
|
|
Analyzis of Parallel Honeypot Tools
Antal, Lukáš ; Chmelař, Petr (referee) ; Drozd, Michal (advisor)
This bachelor thesis analyzes the selected shadow honeypot tool. The thesis explaines the need for having tool for early detection of a new type of cyber-attack. Shadow honeypot tool analyzed in the thesis is called Argos. Argos is one of the results of the international project called European Network of Affined honeypots (NoAH). The thesis includes thorough analysis and testing of Argos tool. The paper also includes implementation of Argos log files parsing utility.
|
guest ::
