|
|
Methods of Linux Kernel Hacking
Procházka, Boris ; Malinka, Kamil (referee) ; Vojnar, Tomáš (advisor)
This bachelor thesis focuses on the Linux kernel security from the attacker perspective. It tries to identify and map all key features and methods used by nowadays cyber-terrorists. One of its aims is to give a comprehensive overview of this topic. At final, it can serve as a small reference for everybody who wants to broaden his knowledge of Linux kernel security. The work consists of four parts. The first part repeats and defines basic notions and taxonomy of operation systems. The second and third part form the core. They cover principles and methods used to hide processes, files, connections, etc. The last chaper is devoted to related issues. A supplement of this bachelor thesis is a set of demonstrating modules, which implement discussed problems involved, and tables, where can be found a comparison of nowadays rootkits.
|
|
|
Techniques of Virtualisation of Computing Platforms in Linux
Župka, Jiří ; Kumpošt, Marek (referee) ; Vojnar, Tomáš (advisor)
The thesis tests and compares various existing virtualization tools for virtualization of computing platforms and explains important conceptions of virtualization technology. It's main contribution is a performance, efficiency, scalability and robustness comparison of virtualization tools. This comparison should help the Redhat company to make a decision whether they should leave XEN as a main virtualization tool in their distributions and move on to another newer and more user friendly virtualization tool like KVM.
|
|
|
Automatic Comparison of Static Analysis Outputs on Different Versions of Programs
Kompová, Radmila ; Müller, Petr (referee) ; Vojnar, Tomáš (advisor)
This thesis aims at development of a tool support for comparing the output of static analysis applied to different versions of program source codes. The thesis also comprises a discussion of three opensource static analyzers of the C source code. Based on this discussion, one of these analyzers, Cppcheck, was chosen for the implementation of the designed tool. The static analyzer's outputs, obtained for various versions of a specific program, are compared on the basis of the context of the line at which an error was found. The patch utility is used for comparing the appropriate contexts. Detected errors are classified into three groups: new, old, and fixed errors. A web interface allowing an easier-to-follow presentation of the results is also provided. The designed tool set has been successfully tested on three opensource projects, including the Linux kernel, Coreutils and CPython.
|
|
|
Selected Extensions of the Albegraic System Octave
Salač, Radek ; Smrčka, Aleš (referee) ; Vojnar, Tomáš (advisor)
This work deals with issues linked to solving system of linear equations in the environment of numerical computer. It describes the fundamental algorithms emphasizing their positive as well as negative sides. The work is devoted to general issues such as time complexity and memory demandingness of given algorithms. In the last part, the process of implementation of selected procedures into the algebraic system Octave is described.
|
|
|
Implementation of an ifplugd Plugin to the BusyBox Project
Kryzhanovskyy, Maksym ; Šimáček, Jiří (referee) ; Vojnar, Tomáš (advisor)
This work deals with porting the ifplugd daemon to BusyBox project. The first part gives introductory information about the BusyBox project, and looks into the structure of the application. The second part deals with the implementation of the ifplugd daemon. As part of this work was carried out partial adjustments in the BusyBox code and ifplugd daemon has been implemented as an applet of the BusyBox package. At the conclusion of this work are discussed the results.
|
|
|
A Tool for Analyzing Performance of Memory Allocators in Linux
Müller, Petr ; Peringer, Petr (referee) ; Vojnar, Tomáš (advisor)
This diploma thesis presents a tool for dynamic memory allocator analysis, focused on their performance. The work identifies the important memory allocator performance metrics, as well as the environment and program factors influencing these metrics. Using this knowledge, a tool was designed and implemented. This tool allows to gather and analyze these metrics. The tool provides the ability to create memory allocator usage scenarios for the purpose of the allocator behavior analysis under different conditions. The tool was tested on several available memory allocators with free license.
|
|
|
An Efficient Finite Tree Automata Library
Lengál, Ondřej ; Konečný, Filip (referee) ; Vojnar, Tomáš (advisor)
Numerous computer systems use dynamic control and data structures of unbounded size. These data structures have often the character of trees or they can be encoded as trees with some additional pointers. This is exploited by some currently intensively studied techniques of formal verification that represent an infinite number of states using a finite tree automaton. However, currently there is no tree automata library implementation that would provide an efficient and flexible support for such methods. Thus the aim of this Mas- ter's Thesis is to provide such a library. The present paper first describes the theoretical background of finite tree automata and regular tree languages. Then it surveys the cur- rent implementations of tree automata libraries and studies various verification techniques, outlining requirements for the library. Representation of a finite tree automaton and algo- rithms that perform standard language operations on this representation are proposed in the next part, which is followed by description of library implementation. Through a series of experiments it is shown that the library can compete with other available tree automata libraries, in certain areas being even significantly superior to them.
|
|
|
Attacks on the Linux Operating System in Theory and Practice
Procházka, Boris ; Hanáček, Petr (referee) ; Vojnar, Tomáš (advisor)
This master's thesis deals with Linux kernel security from the attacker's point of view. It maps methods and techniques of disguising the computing resources used by today's IT pirates. The thesis presents a unique method of attack directed on the system call interface and implemented in the form of two tools (rootkits). The thesis consists of a theoretical and a practical part. Emphasis is placed especially on the practical part, which manifests the presented information in the form of experiments and shows its use in real life. Readers are systematically guided as far as the creation of a unique rootkit, which is capable of infiltrating the Linux kernel by a newly discovered method -- even without support of loadable modules. A part of the thesis focuses on the issue of detecting the discussed attacks and on effective defence against them.
|
|
|
A Fault Injection Bug Hunting Tool Based on Systemtap
Zelinka, Martin ; Smrčka, Aleš (referee) ; Vojnar, Tomáš (advisor)
This work describes different methods of fault injection, the principles of system calls in operating system Linux and the Systemtap tool. The main aim of thesis is design and implementation of the application that work on the principle of fault injection into the system calls using Systemtap tool. Implemented application automatically identifies the existing system calls with the error return values, which are then replaced the original system calls return value.
|
|
|
Model Checking Infinite-State Systems Using Language Inference
Rozehnal, Pavel ; Křena, Bohuslav (referee) ; Vojnar, Tomáš (advisor)
Regular model checking is a method for verifying infinite-state systems based on coding their configurations as words over a finite alphabet, sets of configurations as finite automata, and transitions as finite transducers. We implement regular model checking using inference of regular languages. The method builds upon the observations that for infinite-state systems whose behavior can be modeled using length-preserving transducers, there is a finite computation for obtaining all reachable configurations. Our new approach to regular model checking via inference of regular languages is based on the Angluin's L* algorithm that is used for finding out an invariant which can answer our question whether the system satisfies some property. We also provide an intro to the theory of finite automata, model checking, SAT solving and Anguin's L* and Bierman algorithm of learning finite automata.
|
guest ::
