|
|
Impact of IIoT security on proactive maintenance of company's assets
Chomyšyn, Maxim ; Vladimír,, Türkon (referee) ; Sedlák, Petr (advisor)
This work examines possible safety risks associated with the operation of IIoT technologies in industrial production. The content of this document is an analysis of used IIoT technologies, their purpose and method of implementation into production processes and the company's technology strategy. The outcome of this analysis will serve to develop possible risk scenarios and their associated impacts. Finally, I recommend possible changes that either eliminate these risks completely or at least minimize them.
|
|
|
Building security awareness at the Faculty of Business and Management
Volfová, Jana ; Ondrák, Viktor (referee) ; Sedlák, Petr (advisor)
This diploma thesis is focused on Security Awareness Education at the Faculty of Business and Management. It consists of three main parts: theoretical, analytical and practical considerations. The theoretical part is the introduction to basic terms, processes and analysis to help understand the thesis. The analytical part includes an introduction to the chosen organization and the implementation of analysis, which were presented in the theoretical part. The practical part contains, among other things, the actual proposals for Security Awareness Education at the faculty and its benefits.
|
|
|
Hacktivism: Politics, Crime, or Fun?
Raška, Jindřich ; Froehling, Kenneth (referee) ; Kotásek, Miroslav (advisor)
Cílem této bakalářské práce je zanalyzovat fenomén zvaný hacktivismus, jeho význam, dopady na společnost a motivaci jeho aktérů. Termín hacktivismus se skládá ze dvou následujících termínů; aktivismus, který bývá ve většině případů politicky motivovaný a hacking, jenž se jedná o kriminální činnost za účelem zneužití chyby nebo nedokonalosti výpočetního systému. Za účelem efektivního dosažení svého cíle, se aktéři hacktivismu, stejně jako jiní aktivisté, většinou organizují do skupin. Práce je též zaměřena na motivaci a následky konání těchto organizovaných skupin, zejména na skupinu s názvem Anonymous, s exemplárními příklady jejich akcí z minulosti.
|
|
|
The Design of the Maturity Model for Measuring Effectivity of the SIEM System in the Organisation
Kosková, Zdeňka ; Lukáš,, KUBÍK (referee) ; Ondrák, Viktor (advisor)
The bachelor‘s thesis addresses the issue of evaluating the effectiveness of the SIEM system in an industrial environment. The goal was to propose a methodology that uses a MITRE ATT&CK matrix for ICS for evaluation. The thesis first analyses existing solutions and their potential applications, followed by a description of monitoring evaluation in an energy company, which together with the matrix form the basis of the proposed solution. The main output of the thesis is a proposal for quantitative evaluation of individual techniques of the matrix, such as graphical interpretation and the possibility to share results securely with other CERT teams.
|
|
|
Industry 4.0 in according Design and Application of Production Machines
Serykh, Pavel ; Szabari, Mikuláš (referee) ; Knoflíček, Radek (advisor)
This Bachelor thesis is focused on the theme of CNC manufacturing machines and their use in accordance with the principles of Industry 4.0. The first part is a search of the current state in the field of the most frequently used CNC production machines in engineering according to their design and application. In the second part described principles, basic attributes and key technologies of Industry 4.0, defined concept. The last part is on top of the project conceptual workplace with CNC manufacturing machines in the premises of the technical high school VUTBR in accordance with the principles and tenets of Industry 4.0 and the evaluation of the results achieved.
|
|
| |
|
|
The Design of a Perimeter Security Solution of an Organization
Dupač, Viktor ; Krejčí, Tomáš (referee) ; Sedlák, Petr (advisor)
This thesis describes the design of a perimeter security solution of an organisation. In the first part of this thesis I am describing some theoretical basics and since chapter six I start describing the main topic of this thesis. In the first logical part of the main topic part I am describing a present situation of an organisation and starting the planning of the solution. In the second logical part of the main topic part I am describing the router Turris Omnia. In that part I am describing this device from different angles. Then next logical part describes the final solution of a perimeter security solution of an organisation. And finally after that there is the part of the evaluation and benefits of this thesis and the conclusion of this thesis.
|
|
|
Integration of advanced artificial intelligence methods with log management security systems
Sedláček, Jiří ; Mikulec, Marek (referee) ; Safonov, Yehor (advisor)
Cyber security is a very important aspect of everyone’s daily life. With the ever-expanding cyberspace and its growing influence on the real world, the issue of cyber security is all the more important. The theoretical part of the thesis describes the basic aspects of security monitoring. Also, the process of collecting event logs and their management is briefly described. An important means of security monitoring is the management of security information and events. Its advantages, disadvantages and possible improvements with artificial intelligence are discussed. Security orchestration, automation and response functions are also mentioned in the theoretical part. Machine learning techniques such as neural networks and deep learning are also mentioned. This section also focuses on cyber operations centres in terms of improving the efficiency of human ”manual” labour. A survey of possible machine learning techniques for this use case has been conducted, as the lack of human resources is a critical issue within security operations centres. The practical part of the thesis involves setting out a goal (text sequence classification) that could make the work considerably easier in terms of manually categorizing event logs according to their source. For this set task, security monitoring related data was collected from different log sources. In the practical part, the methods for processing this data are also described in detail. Subsequently, a suitable neural network model was selected and its technical description was performed. Finally, the final data processing and the process of training, validating and testing the model are described. Three scenarios were developed for this process, which are then described in detail in the measurement results.
|
|
|
Conversion between Formats for Sharing of Network Security Alerts
Eis, Pavel ; Wrona, Jan (referee) ; Žádník, Martin (advisor)
There are many platforms and systems designed for sharing cyber security incidents and events, which often use different security formats. This way it gets harder or even not possible to share security incidents and events between organizations, which are using these platforms. Solution of this problem may be creation of converters, which are capable of converting used security formats between each other. This work solves conversion between security formats IDEA, MISP and STIX. In the process of conversion, it is important to care about conversion flow, to prevent information loss or different category of event assignment, than which it was originally represented by. If the conversion is accurate enough, it can be easier achieved more precise and broader analysis of cyber security incidents.
|
|
|
Statistical output of security audits
Hrubešová, Gabriela ; Vlastimil,, Svoboda (referee) ; Sedlák, Petr (advisor)
The subject of this diploma thesis is a statistical analysis of security audits. The theoretical part describes key terms in the field of cyber and information security, basic background for this area and important regulations. The next part focuses on the description of security audit, its course, necessary conditions and content. The last part is devoted to statistical analysis of obtained samples. We analyse samples from several points of view, compare and look for features and information that could be helpful to the auditor’s assessment.
|
guest ::
