|
|
Information System Assessment and Proposal for ICT Modification
Ryšánek, Vladimír ; Hampl, Ondřej (referee) ; Koch, Miloš (advisor)
This thesis focuses on the analysis of the current state of an information system in order to detect it´s deficiencies and to propose a motion for their elimination. Via application of selected methods, it reveals lack in the system security policy, on which this thesis further focuses. Specifies how to implement asset assessment as a part of the risk management in the company and also contains its own security policy solution using Safetica software, which helps reducing the likelihood of the company security incidents.
|
|
|
Conversion between Formats for Sharing of Network Security Alerts
Eis, Pavel ; Wrona, Jan (referee) ; Žádník, Martin (advisor)
There are many platforms and systems designed for sharing cyber security incidents and events, which often use different security formats. This way it gets harder or even not possible to share security incidents and events between organizations, which are using these platforms. Solution of this problem may be creation of converters, which are capable of converting used security formats between each other. This work solves conversion between security formats IDEA, MISP and STIX. In the process of conversion, it is important to care about conversion flow, to prevent information loss or different category of event assignment, than which it was originally represented by. If the conversion is accurate enough, it can be easier achieved more precise and broader analysis of cyber security incidents.
|
|
|
GPON network security incident reporting software
Kupka, Ondřej ; Holík, Martin (referee) ; Horváth, Tomáš (advisor)
This thesis focuses on development of software for security incident reporting from GPON networks. The theoretical part introduces the principles of GPON and provides an introduction to security incidents. The practical part is focused on the selection of suitable open-source systems and the design of an application in Python for the creation of alerts. The output of the work is the deployment of TheHive, Cortex and MISP systems and the creation of an application enabling the creation of various types of alerts based on prepared template. The thesis is finalized by a detailed description of deployment, custom configuration and testing.
|
|
| |
|
|
Annotation of NetFlow Data from Perspective of Network Security
Kadletz, Lukáš ; Grégr, Matěj (referee) ; Žádník, Martin (advisor)
This thesis describes design and implementation of application for offline NetFlow data annotation from perspective of network security. In this thesis is explained the NetFlow architecture in detail along with methods for security incidents detection in the captured data. The application design is based on analysis of manual annotation and supported by several UML diagrams. The Nemea system is used for detecting security events and Warden system as a source of information about reported security incidents on the network. The application uses technologies such as PHP 5, Nette framework, jQuery library and Bootstrap framework. The CESNET association provided NetFlow data for testing the application. The result of this thesis could be used for analysis and annotation of NetFlow data. Resulting data set could be used to verify proper functionality of detection tools.
|
|
|
The present and the future of cyber security of the selected territorial self-governing unit
PRAGEROVÁ, Tereza
The topic of the thesis discuss about the present and future of the cyber security in the selected self-governing units. This problematics can be, due to the rate of the increase in threats, considered as very current. Impacts of the cyber attacks, which can hit millions of people at once, are deterrent and people shoul pay an increased attention to this theme. Complex elaborationof this problém could later serve as a basis for a successful fight against cyberterorrism. The aim of the thesis was the finding and then the comparison of the current status of the cyber security in a selected territorial self-governing units. Selected were the Vysocina region and the South Bohemia region. The information and data were taken by studying the relevant legislation, vocational documents, articles, intervies and the questionnaire survey, which focused on the experts working with cyber security of the relevant municipality with extended powers. In order to process the thesis well and original and having regard to the anti-pandemic measures introduced the following covid-19 pandemic, it was used the mixed research method, which contains both qualitative induction and quantitative research. Data were obtained through an interview, then recorded in the form of a questionnaire. They went through comparison, analyzing, or eventuel tabular and graphical representation. The prognostic methods are part of the research as well. Analysis of trends, megatrends and the wheel of the future, which allows a clear but at the same time holistic view of the issue. Many interesting findings were identified. Cyber security experts educate themselves in the field regularly. In the case of the cyber incident, the preparedness, coordination and the resolution would take place without major problems in some municipalities. It should be paid close attentio to the theme of the cyber security in the future. This diploma thesis could serve as an introduction to the issue for the lay and professional public as well.
|
|
|
GPON network security incident reporting software
Kupka, Ondřej ; Holík, Martin (referee) ; Horváth, Tomáš (advisor)
This thesis focuses on development of software for security incident reporting from GPON networks. The theoretical part introduces the principles of GPON and provides an introduction to security incidents. The practical part is focused on the selection of suitable open-source systems and the design of an application in Python for the creation of alerts. The output of the work is the deployment of TheHive, Cortex and MISP systems and the creation of an application enabling the creation of various types of alerts based on prepared template. The thesis is finalized by a detailed description of deployment, custom configuration and testing.
|
|
|
Conversion between Formats for Sharing of Network Security Alerts
Eis, Pavel ; Wrona, Jan (referee) ; Žádník, Martin (advisor)
There are many platforms and systems designed for sharing cyber security incidents and events, which often use different security formats. This way it gets harder or even not possible to share security incidents and events between organizations, which are using these platforms. Solution of this problem may be creation of converters, which are capable of converting used security formats between each other. This work solves conversion between security formats IDEA, MISP and STIX. In the process of conversion, it is important to care about conversion flow, to prevent information loss or different category of event assignment, than which it was originally represented by. If the conversion is accurate enough, it can be easier achieved more precise and broader analysis of cyber security incidents.
|
|
|
Annotation of NetFlow Data from Perspective of Network Security
Kadletz, Lukáš ; Grégr, Matěj (referee) ; Žádník, Martin (advisor)
This thesis describes design and implementation of application for offline NetFlow data annotation from perspective of network security. In this thesis is explained the NetFlow architecture in detail along with methods for security incidents detection in the captured data. The application design is based on analysis of manual annotation and supported by several UML diagrams. The Nemea system is used for detecting security events and Warden system as a source of information about reported security incidents on the network. The application uses technologies such as PHP 5, Nette framework, jQuery library and Bootstrap framework. The CESNET association provided NetFlow data for testing the application. The result of this thesis could be used for analysis and annotation of NetFlow data. Resulting data set could be used to verify proper functionality of detection tools.
|
|
|
Information System Assessment and Proposal for ICT Modification
Ryšánek, Vladimír ; Hampl, Ondřej (referee) ; Koch, Miloš (advisor)
This thesis focuses on the analysis of the current state of an information system in order to detect it´s deficiencies and to propose a motion for their elimination. Via application of selected methods, it reveals lack in the system security policy, on which this thesis further focuses. Specifies how to implement asset assessment as a part of the risk management in the company and also contains its own security policy solution using Safetica software, which helps reducing the likelihood of the company security incidents.
|
guest ::
