|
|
Real-Time Detection of Malware Campaigns
Holop, Patrik ; Polčák, Libor (oponent) ; Zobal, Lukáš (vedoucí práce)
This thesis deals with a real-time detection of malware campaigns based on the available data of internal tools used in the Avast Software company. Its goal is to design and implement a system that obtains and processes messages representing incidents detected at clients. The system extracts and processes useful information and estimates if the threat data are related to an emerging or continuous malware campaign based on various criteria. The experimentation proves that campaign detection based on the carefully selected data and metrics is possible. The implemented system is integrated with other internal tools of the Avast Software company. This thesis also suggests steps for further improving the detection process.
|
|
|
Security Analysis of Selected SOHO Router
Richtarik, Jakub ; Holop, Patrik (oponent) ; Tamaškovič, Marek (vedoucí práce)
Due to the increasing number of employees working from home office and the increasing number of IoT devices in our households, it is more important to use sufficiently secure routers than ever before. The aim of this study is to examine the level of security of the selected SOHO (small office/home office) routers, as representatives of currently sold home routers. The thesis also demonstrates a workflow and some methods that can be used for testing and analysis of other routers and IoT devices.
|
|
|
Implementation of a MitM probe on the platform RPi
Nekula, Štěpán ; Holop, Patrik (oponent) ; Tamaškovič, Marek (vedoucí práce)
This work presents a network probe that uses a Man-in-the-Middle (MitM) attack to monitor encrypted network traffic. The proposed probe is based on a Raspberry Pi platform and uses SSLproxy software for intercepting encrypted communication which are then scanned using Suricata intrusion detection system. Probe's performance is tested by detecting various types of simulated threats, such as malware spread and network attacks. This work provides a valuable tool for further studies of encrypted network surveillance by effectively detecting malicious activities within encrypted communications.
|
|
|
Lámání hesel pomocí Rainbow Tables na GPU
Jahoda, David ; Holop, Patrik (oponent) ; Malinka, Kamil (vedoucí práce)
Práce se zabývá návrhem a řešením nástroje pro lámání hesel pomocí Rainbow tables za využití GPU akcelerace. Důraz je kladen výkon nástroje, použití soudobých softwarových i hardwarových prostředků. V experimentální části se pak zabývá porovnáním s dosavadními řešeními využívající Rainbow tables a účinnost protiopatření vůči nim.
|
|
|
Application for Detection of Fake News
Zádrapa, Jan ; Holop, Patrik (oponent) ; Malinka, Kamil (vedoucí práce)
The problem of Fake News is one of the most significant problems in our modern society. Millions of people read Fake News articles every day without knowing it. This problem creates a risk worldwide as society is getting polarised, and elections are manipulated by third parties using propaganda. Unfortunately, there are not enough tools to help solve the problem of Fake News detection in the Czech language. This thesis aims to create a tool to help these people recognise Fake News and introduce them commonly used manipulation techniques in text.
|
|
|
Impact of AI Tools on Code Quality and Security
Vinarčík, Peter ; Holop, Patrik (oponent) ; Malinka, Kamil (vedoucí práce)
This work presents a newly developed application that is able to perform fully automated large-scale research for evaluating the safety and quality of AI-generated code. Also, a new way of evaluating the safety of AI-generated code has been presented, utilizing MITRE's methodology in combination with SAST tools performing static analysis on the code. In addition, the application is enhanced with an improved AI chatbot whose output is enhanced with the results of static analysis at generation time. The user inputs a dataset of prompts into the application, and if code with a vulnerability has been generated for a particular prompt, that vulnerability is scored by the established methodology, and the user is informed not only that the code is vulnerable, but how vulnerable it is. As part of the solution, large-scale, pilot testing of popular AIs, such as ChatGPT-4 or Gemini, is performed over a dataset of prompts using the new application, in contrast to existing studies. The results showed the dominance of ChatGPT-4 running on the GPT-4 model, over the other AIs tested.
|
|
|
Řízení bezpečnosti v malých a středních podnicích
Olej, Vojtěch ; Holop, Patrik (oponent) ; Malinka, Kamil (vedoucí práce)
Bakalářská práce se zabývá sestavením vlastní metodiky pro řízení rizik na základě již existujících standardů, uplatnitelné v malých a středních podnicích v České republice. V teoretické části jsou analyzovány zákonné povinnosti, existující standardy a současná situace. Do praktické části se řadí návrh metodiky, nasazení ve vybrané firmě a zhodnocení použitelnosti.
|
|
|
Secure Coding Guidelines for Python
Zádrapa, Jan ; Holop, Patrik (oponent) ; Malinka, Kamil (vedoucí práce)
With the number of cyberattacks and their costs rising, the demand for secure coding also rises. Python is an indivisible part of this problem as the favourite programming language. Many programmers can code in Python, but they can not code securely. Python does not have any official secure coding guidelines, and its educational materials on this topic are insufficient. This thesis aims to inform about the most significant Python coding vulnerabilities and bring solutions to these vulnerabilities. It also aims to raise the public's awareness with the help of new secure coding guidelines and educational tool. The educational tool as a web application should be well arranged and usable for the public. The tool also includes real-life examples of exploits from vulnerabilities explained in the guidelines.
|
|
|
Classification of Potentially Malicious File Clusters via Machine Learning
Holop, Patrik ; Zendulka, Jaroslav (oponent) ; Bartík, Vladimír (vedoucí práce)
This thesis proposes an alternative to currently used malware classification approaches on the file-level often based on the detection of specific byte sequences. The experimentation proved that a cluster-level classification based on the shared properties of files in the cluster is possible. That was achieved by a careful selection of the properties of the three file types - PE, APK and .NET. By comparing various machine learning methods the highest scoring classifiers were selected and a web service providing API for classification was implemented, which was used for the integration with the internal clustering system of the Avast company. This thesis also discusses drawbacks of the proposed approach and suggests steps for improving the classification.
|
|
|
Fingerprinting Attacks on Anonymity Systems
Krajči, Martin ; Holop, Patrik (oponent) ; Malinka, Kamil (vedoucí práce)
This thesis deals with fingerprinting attacks in anonymization systems, mostly in the Tor network. Such an attack was designed and executed in a real-world environment, with an aim to show the impact of errors from previous studies. Three closed-world datasets and one open-world dataset were gathered and then used for training and testing of N-shot learning classifier. The first dataset was gathered by browsing websites with a web browser in the default configuration, the second dataset was gathered in the same configuration as in the first case, but from a different country, and the third dataset was gathered by browsing websites with a web browser with Adblock Plus plugin turned on and Spanish locale set. When both training and testing the classifier on the first dataset, the average accuracy of classification was 92%. However, when training the classifier on the first dataset and testing on the second and third dataset, the average accuracy of classification was 38,58% and 39,65% respectively.
|
host ::
RSS.