|
|
Polymorphic Shellcode
Plocek, Radovan ; Ďurfina, Lukáš (referee) ; Křoustek, Jakub (advisor)
This paper describes important information relevant to creating and using of polymorphic shellcodes. It contains informations about virtual adress space layout on Windows and Linux, about processor's registers and classical shellcodes, which are basics of polymorphic shellcodes. The primary objective of this paper is a construction of an advanced generator of polymorphic shellcodes. It can be used for testing the performance of systems based on a signature detection. It is possible to combine various methods and their level by specification of arguments at program's start-up.
|
|
|
Case Study of Selected Network Vulnerabilities
Kolajová, Jana ; Malinka, Kamil (referee) ; Homoliak, Ivan (advisor)
The main goal of this thesis is to deal with databases of vulnerable code bases and vulnerable applications, and to implement a tool for autonomous search and saving data from those databases to a local one. The thesis is divided into theoretical and practical parts. The theoretical part deals with my current knowledge of the main topic and creates a foundation for the implementation. Various kinds of vulnerabilities and network attacks are described in detail in this part. The practical part describes implementation of the tool and its real use.
|
|
|
Analysis of Attacks Using Web Browser
Olejár, František ; Michlovský, Zbyněk (referee) ; Drozd, Michal (advisor)
Different attacks guided from web servers using web browsers are being analyzed and described in this Bachelor's thesis. A simulation environment is used to simulate the attacks. The environment was created using Browserider, using the web server Apache 2 and a virtual machine as well. On the basis of the analysis, the application ExploitAnalyzer was developed and implemented and can successfully record process's actions as well as IRP requests sent during an attack onto a web browser.
|
|
|
Extension of Behavioral Analysis of Network Traffic Focusing on Attack Detection
Teknős, Martin ; Zbořil, František (referee) ; Homoliak, Ivan (advisor)
This thesis is focused on network behavior analysis (NBA) designed to detect network attacks. The goal of the thesis is to increase detection accuracy of obfuscated network attacks. Methods and techniques used to detect network attacks and network traffic classification were presented first. Intrusion detection systems (IDS) in terms of their functionality and possible attacks on them are described next. This work also describes principles of selected attacks against IDS. Further, obfuscation methods which can be used to overcome NBA are suggested. The tool for automatic exploitation, attack obfuscation and collection of this network communication was designed and implemented. This tool was used for execution of network attacks. A dataset for experiments was obtained from collected network communications. Finally, achieved results emphasized requirement of training NBA models by obfuscated malicious network traffic.
|
|
|
Statistical anomaly detection methods of data communication
Woidig, Eduard ; Mangová, Marie (referee) ; Slavíček, Karel (advisor)
This thesis serves as a theoretical basis for a practical solution to the issue of the use of statistical methods for detecting anomalies in data traffic. The basic focus of anomaly detection data traffic is on the data attacks. Therefore, the main focus is the analysis of data attacks. Within the solving are data attacks sorted by protocols that attackers exploit for their own activities. Each section describes the protocol itself, its usage and behavior. For each protocol is gradually solved description of the attacks, including the methodology leading to the attack and penalties on an already compromised system or station. For the most serious attacks are outlined procedures for the detection and the potential defenses against them. These findings are summarized in the theoretical analysis, which should serve as a starting point for the practical part, which will be the analysis of real data traffic. The practical part is divided into several sections. The first of these describes the procedures for obtaining and preparing the samples to allow them to carry out further analysis. Further described herein are created scripts that are used for obtaining needed data from the recorded samples. These data are were analyzed in detail, using statistical methods such as time series and descriptive statistics. Subsequently acquired properties and monitored behavior is verified using artificial and real attacks, which is the original clean operation modified. Using a new analysis of the modified traffics compared with the original samples and an evaluation of whether it has been some kind of anomaly detected. The results and tracking are collectively summarized and evaluated in a separate chapter with a description of possible further attacks, which were not directly part of the test analysis.
|
|
|
iOS platform security
Nidl, Michal ; Veber, Jaromír (advisor) ; Luc, Ladislav (referee)
This bachelor's thesis is focused on security of operating system iOS from Apple. The thesis is divided into six chapters. The first chapter describes iOS and Apple company. The second chapter deals with iOS security architecture in terms of security model and security mechanisms. The third chapter deals with the security of iOS applications and options of their testing. The fourth chapter describes software attacks against iOS in the form of malware and exploitation. The fifth chapter describes the system interferences and methods for their detection. The sixth chapter deals with comparison of iOS security and Android and Windows Phone platform security. In this chapter is introduced the security of competitive platforms in terms of security model, system security, application security and interferences. This comparison includes the table with evaluation of security. Objective of this thesis is to introduce ways of security in one of the most widely used mobile platform. Moreover the aim is to compare iOS security with security of two competitive platforms. The result is an analysis of iOS security and it's comparison with Android and Windows Phone security.
|
|
|
Návrh na zvýšení infromační bezpečnosti v IS menší organizace na základě výsledků penetračních testů
Mazal, Jakub
Mazal, J. Proposal to increase information security IS in small organization based on the results of penetration tests. Brno: Mendel University, 2013. This thesis deals with the system of information safety and security of the computer network in a small business. Furthermore, the work deals with penetration tests and instruments that are used for penetration testing. With the tests carried out in a specific organization is evaluated safety and eventually steps are designed to increase information security in a particular organization.
|
|
|
The issue of the fight against human trafficking in EU documents: Study 5.297
Pohl, Michal
Studie „Boj proti obchodování s lidmi v dokumentech EU“ se zaměřuje na legislativní nástroje EU pro boj proti obchodování s lidmi. Studie se věnuje v první části obecným souvislostem boje proti obchodování s lidmi, včetně vnitrostátního i mezinárodního rozměru. Těžištěm práce je pak přehled a analýza legislativních opatření EU, zahrnujíc v to primární i sekundární prameny práva EU. Závěrem je nastíněn vývoj této oblasti z hlediska de lege ferenda. (prostituce)
Fulltext:  PDF
|
guest ::
