|
|
Microsoft Windows Registry Analysis
Hula, Miroslav ; Drozd, Michal (referee) ; Chmelař, Petr (advisor)
Understanding and working with Microsoft Windows registry is an important ability from the perspective of security. This ability is used by malicious software as well as by software, which repaires the damage caused by activity of malicious software. However, applications accessing and working with the registry are platform dependent, which may not always be convenient and it can lead to other problems if the platform is not secure. Therefore, the aim of this work is to create a platform independent application for accessing and working with registry, which makes possible to analyse the effect of malware on registry.
|
|
|
Program Similarity Recognition Based on Behaviour Analysis
Otočka, Dávid ; Vojnar, Tomáš (referee) ; Peringer, Petr (advisor)
The goal of this master thesis was to design an algorithm that will be able to measure the difference between two programs based on their behavioral description. For the algorithm needs, the Levenshtein distance method between two strings and NCD method, were used. Both methods have their implementation approach and test result described. This term also discusses various methods of program analysis in virtual machine environment, as well as explanation of some basic concepts regarding malware analysis.
|
|
|
Metrics for Intrusion Detection in Network Traffic
Homoliak, Ivan ; Chmelař, Petr (referee) ; Drozd, Michal (advisor)
Publication aims to propose and apply new metrics for intrusion detection in network traffic according to analysis of existing metrics, analysis of network traffic and behavioral characteristics of known attacks. The main goal of the thesis is to propose and implement new collection of metrics which will be capable to detect zero day attacks.
|
|
|
Analysis of Automated Generation of Signatures Using Honeypots
Bláha, Lukáš ; Barabas, Maroš (referee) ; Drozd, Michal (advisor)
In this paper, system of automatic processing of attacks using honeypots is discussed. The first goal of the thesis is to become familiar with the issue of signatures to detect malware on the network, especially the analysis and description of existing methods for automatic generation of signatures using honeypots. The main goal is to use the acquired knowledge to the design and implementation of tool which will perform the detection of new malicious software on the network or end user's workstation.
|
|
|
Analysis of the Possibility of Password Break through for RAR, ZIP and 7z Formats
Prustoměrský, Milan ; Přikryl, Zdeněk (referee) ; Hruška, Tomáš (advisor)
This Thesis deals with analysis of the possiblity of password breakthrough for common compression formats and password extraction from self-extraction archives used for malicious software. Structure of compression programs, ciphers and connection between cipher and archives is described. Common and specialized attacks on archives and ciphers are described. Structure of self-extracting archives and password location is used to create extractor of passwords in self-extracting archives.
|
|
| |
|
|
Network Attack Capture Using Honeypots
Mlčoch, Tomáš ; Chmelař, Petr (referee) ; Richter, Jan (advisor)
This bachelor thesis deals with honeypot tools and adapting a Linux operating system into such tool. The thesis presents general categories of malicious codes and current trends in this area. The thesis also presents an existing honeypot tool Honeyd and its features. Next there are introduced tools and techniques to monitor a Linux system, compared the selected virtualization technology and explained the process of creating a virtual Linux honeypot.
|
|
|
Analysis of Security Incidents from Network Traffic
Serečun, Viliam ; Grégr, Matěj (referee) ; Ryšavý, Ondřej (advisor)
Analýza bezpečnostních incidentů se stala velmi důležitým a zajímavým oborem počítačové vědy. Monitorovací nástroje a techniky pomáhají při detekci a prevenci proti tímto škodlivým aktivitám. Tento dokument opisuje počítačové útoky a jejich klasifikaci. Také jsou tady opsaný některé monitorovací nástroje jako Intrusion Detection System nebo NetFlow protokol a jeho monitorovací software. Tento dokument také opisuje konfiguraci experimentální topologie a prezentuje několik experimentů škodlivých aktivit, které byly detailně kontrolovány těmito monitorovacími nástroji.
|
|
| |
|
|
Malware, internet threat - types and protection
Vaňková, Aneta ; Luc, Ladislav (advisor) ; Veber, Jaromír (referee)
This bachelor thesis deals the world malware and what this word means. The theoretical part describes the particular division of malware, its history and development from the 70s to the present. Other chapters include targets of hackers, why malware exists and what is the motivation of its authors. Conclusion of the theoretical part describes other threats which are on the Internet. The practical part includes two explorations. The first is dedicated to antivirus, it represents the most frequently used programs, their functionality and user interface. Test of infected file demonstrates the functionality and level of security. Final summary assists users in selecting the appropriate antivirus for their computer. The second is realized as a questionnaire which determines the awareness of the general public about the danger of malware and defence against it. The conclusion evaluate results of explorations of the practical part, it compares targets of this bachelor thesis and monitors their achievement or provides information about extension of explorations.
|
guest ::
