We supervise final theses
“Is the ultimate goal only to receive a degree and store my thesis in the information system archive?”(almost) every final-year student
We don't think so.
You will spend a lot of time on your thesis. Turn it into an investment in your future study or career. A well-written bachelor's or master's thesis has opened many doors to a dream employer, brought new insight into the field, or helped develop a solution useful for practice. As members of the CSIRT-MU team, we are experts in cybersecurity and many closely related topics. We can help both with thinking about theoretical work and with implementing the applied one. We offer thesis topics that align with the goals of our current projects, which impact both public and private sectors.
Get inspired by successful work
Detection of SSH Servers on a Computer Network
This thesis deals with detection and security auditing of SSH servers on a computer network. The goal is to implement a tool which uses network flows to detect IP addresses and ports with SSH communication. Afterwards, it uses an active connection to the SSH server in order to perform a security audit. The first part of the thesis theoretically describes the areas later used in the implementation of the tool, which is presented in the second part of the thesis. In the end, results from running the tool on a test network are presented.
Visualization Portlets for Cyber Exercise Participants Feedback
The goal of the thesis is an implementation of visualizations providing feedback to the participants of cyber exercises. The visualizations offer an overview of the results. Participants can compare their results with the others. The analysis of the exercise run and events that occurred in it can also be viewed from the visualizations. The implementation and all application's features are described in the thesis. The output of this work is a portlet which can be deployed into the KYPO environment.
Advanced SSH Traffic Analysis
This thesis describes principles of the SSH protocol. It focuses on major problems related to monitoring this protocol like its identification in traffic, security related information about the connection and detection of successful login. It tries to solve these problems by implementing a measuring module for the Flowmon probe. It verifies functioning of the module and presents statistics of measured data.
Flow-based Monitoring of MySQL Database
This bachelor thesis deals with monitoring of the protocol used by MySQL databases using the method of network flows. It briefly presents the MySQL protocol. The result of this work is the design and implementation of a plugin for the Flowmon probe, whose purpose is recognizing and processing network flows of MySQL databases. The work demonstrates the usage of the implemented plugin through various use cases.
Prerequisite testing of cybersecurity skills
Cybersecurity games are an attractive and popular method of active learning. However, the majority of current games are created for advanced players, which often leads to frustration of less experienced learners. Diagnostic assessment of participants' knowledge and skills before starting an educational game can increase the benefits of playing. The information acquired by prerequisite testing enablestutors or learning environments to suitably assist participants with game challenges and maximize learning in their virtual adventure. To the best of our knowledge, this work is a pioneering attempt in researching prerequisite testing of cybersecurity skills. The thesis proposes a methodology for developing cybersecurity games and pretests, resulting from a thorough literature review and exploration of state-of-the-art cybersecurity platforms. The method is applied in practice to create the first prerequisite test for a cybersecurity game in the KYPO: Cyber Exercise and Research Platform at Masaryk University. Moreover, this work investigates the pretest's predictive value for identification of learners' readiness before playing the KYPO game. The lessons learned from the experimental study are vast. A linear regression analysis confirmed that players' skill, expressed using the game score, can be predicted by the prerequisite test result. Furthermore, the model's accuracy and statistical significance improved after confidence assessment of certainty in one's answers was introduced. Interestingly, the qualitative study of in-game actions revealed several anomalies in the performance patterns of the participants. These findings uncovered numerous factors that may create noise in the model, bringing unique insights into the field and implying new opportunities for future research.
Phishing detection using honeypots
This thesis is devoted to issue of phishing detection in electronic mail. Various forms and dangerousness of phishing are discussed. Additionally are described known phishing detection techniques in e-mails and possibilities of honeypot usage in this area are analyzed. Based on the presented findings is designed combined phishing detection technique, which is implemented as a module of existing honeypot SHIVA. Final implementation is tested on e-mails from annotated datasets and real traffic in environment of Cybernetic polygon.
Learning is a lifelong process. We share knowledge (and continually gain new ideas for reflection) in several courses.