Bachelor theses
Monitoring of unwanted monitoring of users by mobile phones on the Android platform
Author
Patrik Suchopa
Year
2022
Type
Bachelor thesis
Supervisor
Ing. Jan Fesl, Ph.D.
Reviewers
Ing. Josef Kokeš, Ph.D.
Department
Summary
This bachelor thesis deals with the design and implementation of detection methods related to unwanted monitoring of users by mobile phones on the Android platform. Monitoring network traffic and usage of system resources gave me data subjected to analysis. I implemented the application designated for data mining beyond requirements. I could not detect eavesdropping of users nor activity allied with improving users' localization by Wi-Fi scanning. There was an unexpected behavior related to the Google Maps application. The communication with its domains occurred even though the application was terminated.
The implementation and vulenrability analyse of WPA3
Author
Vítek Špelina
Year
2023
Type
Bachelor thesis
Supervisor
Ing. Jan Fesl, Ph.D.
Reviewers
Ing. Alexandru Moucha, Ph.D.
Department
Summary
The main purpose of this study is to test the implementation of WPA3, the new security standard
for wireless networks on MikroTik devices. It furthermore compares the effectivity of WPA3 with
WPA2 standard which is more used nowadays.
The thesis outlines the evolution of wireless security standards from WEP to WPA3. It
contains a detailed description of the principles used by WPA3. The already known Denial of
Service (DoS) attacks - Doppelganger, Muted Peer, PMK Gobbler and Memory Omnivore are
discussed and examined thoroughly in this study, explaining their principles and impacts in great
details. Additionaly it compares these attacks with the ones used on the current implementations
of WPA3 for MikroTik devices. A new attack which uses the vulnerability in the fundamentals
of the WPA3 standard is also described in the study.
Both WPA2 and WPA3 standards are comparable, in terms of efficiency. However, it is shown
that the tested implementations are not secure enough to be used in real-life environment. Furthemore the thesis proves that the SAE handshake as it is now, is not suitable for the use in shared
networks.
As a part of the study, each of attack scripts was updated and refactored to current standards.
Along that a complex program allowing automatized testing of each attack on different versions
of WPA3 implementations was created.
Modern slow DDoS attacks and protection against them
Author
Lukáš Brůna
Year
2024
Type
Bachelor thesis
Supervisor
Ing. Jan Fesl, Ph.D.
Reviewers
Ing. Jiří Smítka
Department
Summary
This thesis is focused on the field of Slow Distributed Denial of Service attacks and their mit-
igation. First, I explain how the most common types of SDDoS attacks function and what is
their impact on current systems. Second section of the thesis is then focused on different possible
defense solutions, how they could be implemented and if they are effective. In the final sections
I choose a solution approach which I design, implement and test successfully.
Open-source system for cloning of RFID/NFC cards and tags
Author
Michal Beneš
Year
2024
Type
Bachelor thesis
Supervisor
Ing. Jan Fesl, Ph.D.
Reviewers
Ing. Jiří Buček, Ph.D.
Department
Summary
This work focuses on the security of RFID and NFC tags and cards in infrastructure. The aim of the work is to design and implement a portable and extensible open-source device that will be able to clone and emulate some selected types of RFID cards and tags using a selected commercially available microcomputer. The work also involves the development of software with a graphical environment that enables the necessary capabilities of the device. The theoretical part of the thesis explains the basic principles of RFID technology, its security and shortcomings. Furthermore, an analysis of existing solutions that are used for cloning and emulation of RFID technology and the selection of suitable hardware for the creation of the resulting device are discussed. The practical part of the thesis deals with the design and actual implementation of the device from both hardware and software aspects. Finally, the functionality of the device is verified by testing a set of different RFID cards and tags.
Secure system for radio orienteering
Author
Pavel Kolský
Year
2025
Type
Bachelor thesis
Supervisor
Ing. Jan Fesl, Ph.D.
Reviewers
Ing. Jiří Dostál, Ph.D.
Department
Summary
The thesis addresses the development of a system for transmitting split times in orienteering competitions. The theoretical part provides an overview of orienteering sports and an analysis of existing split time transmission systems, highlighting their strengths and limitations.
The practical part focuses on the design of a new solution, with an emphasis on simplicity and flexibility.
The thesis outcome is a prototype of a hardware unit based on the ESP32 microcontroller with its firmware, along with a software gateway that facilitates the collection of split times, monitoring, and configuration of individual stations using a developed network protocol.
LLM usage for computer network error diagnostics
Author
Martin Efler
Year
2025
Type
Bachelor thesis
Supervisor
Ing. Jan Fesl, Ph.D.
Reviewers
Ing. Tomáš Kalvoda, Ph.D.
Department
Summary
This bachelor thesis explores the potential of large language models (LLMs) in
computer network diagnostics. The theoretical part describes the evolution of
language models from statistical approaches through neural models to current
transformer architectures, explaining their operating principles and ability to
process complex textual information. In the practical part, a test dataset con
taining 25 variations of network configurations with problem descriptions was
created and presented to various LLMs for analysis. By evaluating respon
ses against expected solutions, the effectiveness of these models in identifying
causes of network problems in the context of network terminology was deter
mined. The results suggest significant potential in this field
DNS user fingerprint usable for his identification
Author
David Morozovič
Year
2025
Type
Bachelor thesis
Supervisor
Ing. Jan Fesl, Ph.D.
Reviewers
Ing. Mgr. Ladislava Smítková Janků, Ph.D.
Department
Summary
This thesis examines the possibility of identifying an internet user based solely on their DNS fingerprint. A publicly available dataset containing records from a medium-sized network of an internet provider is experimentally analyzed and processed. It searches for consistent behavioral patterns in the data and implements prediction using machine learning and deep learning models.
The outcome is a model that can make successful identification in 86,6 % of cases. Therefore, the paper demonstrates that users on the internet can be identified with high probability purely by their behaviour in the online space.
Cryptographic libraries efficiency
Author
Tomáš Jaroš
Year
2025
Type
Bachelor thesis
Supervisor
Ing. Jan Fesl, Ph.D.
Reviewers
Ing. Michal Polák
Department
Summary
The main topic of this bachelors thesis is the comparison of the efficiency of cryptographic libraries. As crucial as cryptographic libraries are, efficiency is commonly overlooked, and as practice shows, it does not solely depend on the algorithms used. Five open-source C/C ++ cryptographic libraries are selected: OpenSSL, wolfCrypt, Mbed TLS, Botan, and libsodium. Several modern cryptographic algorithms, such as AES, ChaCha20, RSA, and SHA, are used to compare the efficiency of these libraries. A set of executables using selected algorithms in selected libraries is implemented to perform automatic experimental comparative analysis using a Python script. In the attachment, all the source files and the testing script can be found, as well as a few supporting scripts for the installation of tested cryptographic libraries. The results gathered measuring multiple efficiency metrics, such as run time, throughput, signing time, key generation time, or memory used, are displayed on charts and discussed. Based on the results provided in this thesis, one can make a more accurate decision about which cryptographic library will serve their project the best. The results provide a different perspective on evaluating cryptographic libraries, as they focus on more overlooked properties.
Efficiency and utilization of Vector Packet Processing in high-speed networks
Author
Ondřej Slavík
Year
2025
Type
Bachelor thesis
Supervisor
Ing. Jan Fesl, Ph.D.
Reviewers
Ing. Alexandru Moucha, Ph.D.
Department
Summary
This bachelors thesis focuses on the efficiency and utilization of the Vector
Packet Processing (VPP) framework in high-speed networks. The aim is to
experimentally compare its packet processing performance with the traditional
kernel-based networking stack. The thesis first introduces the theoretical foun-
dations of VPP and its architecture. In the practical part, test scenarios are
designed and executed to evaluate and compare both solutions. The results
show that VPP achieves higher throughput and lower latency at higher trans-
mission speeds, with energy efficiency varying depending on traffic volume and
configuration.
Master theses
The virtual machine consolidation system
Author
Michal Polák
Year
2023
Type
Master thesis
Supervisor
Ing. Jan Fesl, Ph.D.
Reviewers
prof. Ing. Pavel Tvrdík, CSc.
Department
Summary
This thesis is dedicated to the problem of the virtual machines consolidation with a focus on optimizing the load of the network infrastructure. I define this problem and present several possible solutions. Finally those methods are experimentally tested on the randomly generated data for the purpose of evaluation.