|
|
Implementation of Honeypot tool for monitoring and analysis of network attacks
Němeček, Ladislav ; Červenka, Vladimír (referee) ; Bartl, Milan (advisor)
The goal of this thesis is to describe and categorize the malicious software. Thesis deals with the network attacks and the protection against them as well as how to detect and analyze the attack by the eligible tools. The next part of the thesis deals with the honeypot topic and the possibilities of detection using this software, specifically then the Argos tool. The installation, usage, and the methods of detection of the tool are also being described. The next chapter describes how to secure the honeypot against abuse. Last but not least, the thesis also contains the results of the network monitoring, attacks on the honeypot, and describes the log files used by Argos to interpret the results of the attack detection.
|
|
|
Advanced Analysis of Control Flow in Malware
Porwolik, Tomáš ; Matula, Peter (referee) ; Ďurfina, Lukáš (advisor)
This thesis deals with the tool for decompilation of binary code to high-level programming language. This tool is being developed within the project Lissom. The aim of this work is the implementation of advanced analysis in control flow. This work is focused on reconstruction the switch statement and calling function through pointer. These problems are solved by adding new methods to control flow analysis. They are described in detail and solution is proposed, implemented and tested. Created solution allows reconstruct the switch statement in most cases and calling function through pointer in simpler cases. The contribution of this work is an improvement of the tool for decompilation in case that decompiled programs use these advanced structures.
|
|
|
Cryptovirology and Future of Malware
Prchal, Josef ; Říha, Zdeněk (referee) ; Cvrček, Daniel (advisor)
Malware is connected to information technology. They influence each other. The aim of this thesis is to describe various types of this software and give a brief account of its history and development. It also discusses main trends of this area and tries to foretell the future development.
|
|
|
Analysis of Attacks Using Web Browser
Olejár, František ; Michlovský, Zbyněk (referee) ; Drozd, Michal (advisor)
Different attacks guided from web servers using web browsers are being analyzed and described in this Bachelor's thesis. A simulation environment is used to simulate the attacks. The environment was created using Browserider, using the web server Apache 2 and a virtual machine as well. On the basis of the analysis, the application ExploitAnalyzer was developed and implemented and can successfully record process's actions as well as IRP requests sent during an attack onto a web browser.
|
|
|
Analyzis of Parallel Honeypot Tools
Antal, Lukáš ; Chmelař, Petr (referee) ; Drozd, Michal (advisor)
This bachelor thesis analyzes the selected shadow honeypot tool. The thesis explaines the need for having tool for early detection of a new type of cyber-attack. Shadow honeypot tool analyzed in the thesis is called Argos. Argos is one of the results of the international project called European Network of Affined honeypots (NoAH). The thesis includes thorough analysis and testing of Argos tool. The paper also includes implementation of Argos log files parsing utility.
|
|
|
Preserving Validity of MS Exchange Headers on Filtering SMTP Proxy-Server
Szabó, Peter ; Židek, Stanislav (referee) ; Richter, Jan (advisor)
The aim of this thesis is the localization and finding an optimal solution for a compatibility issue between two products, the AVG Linux Server Edition SMTP proxy-server and the Microsoft Exchange e-mail server. There are several possible solutions of this issue described and the most effective one is suggested as the final solution. In the first part, this thesis is providing a basic overview of the SMTP protocol and the protocols used in the Microsoft Exchanage server. The most common threats in the e-mail communication are also discussed here and several available solutions of protection against them are presented.
|
|
| |
|
|
Network Attack Analysis Using Honeypots
Galetka, Josef ; Chmelař, Petr (referee) ; Drozd, Michal (advisor)
This text deals with computer network security using honeypot technology, as a tool of intentional trap for attackers. It closely describes basic thoughts, together with advantages and disadvantages of this concept. The main aim is a low interaction honeypot Honeyd, its functionality and possible extensional features. As a practical part of the text there is a description of principles of implementation Honeyd service scripts, which are represented as a simulation of behavior of computer worm Conficker. Further it describes creation of automated script used for analysis and processing of gathered data, captured during actual deployment of Honeyd in Internet network.
|
|
|
Visualization of Program Flow of Executable Files
Rusnák, Jakub ; Bartoň, Radek (referee) ; Zemčík, Pavel (advisor)
This master's thesis describes the visualization of program flow of executable files on Microsoft Windows platform. In theoretical part it describes the PE EXE file format and instruction format. In following chapters there are described current methods of malware analysis, especially the analysis of program flow. Then there are introduced current malware visualization methods and tools for 3D data visualization. The main objective is design and implementation of 3D visualization of jumps in executable files. The result is the visualization tool, which helps to identify different samples of malware from the normal code.
|
|
|
System for Analysis of Data From Infected Computers
Pečeňa, Jan ; Janoušek, Vladimír (referee) ; Peringer, Petr (advisor)
Presented thesis aims to develop web-based application for AVG Technologies. The application is supposed to bring in every suspicious information from a file, which has been gained from customer's registers, and make customer support more effective and efficient. Designing the application was tightly binded with obtaining an overview of computer threats and attacks. The thesis describes and explains malware and its basic types such as virus, worm, trojan horse, etc. History and features of ASP.NET, PHP, Virus Total web service and Internet Information Service are described as well. The result of the thesis, the application itself, is deployed in real enviroment and ready to be updated with new information sources.
|
guest ::
