|
|
Porting of Brave Fingerprinting Protection to JavaScript Restrictor
Švancár, Matúš ; Zobal, Lukáš (referee) ; Polčák, Libor (advisor)
Users of internet browsers are constantly monitored, without their consent. By using the JavaScript APIs, it is possible to obtain various information about the browser, which together form a browser fingerprint, which can then be misused. Therefore, the goal of this work is to use a robust fingerprint protection solution of Brave browser and port it to the JavaScript Restrictor extension. In this work, the problematics of obtaining an fingerprint and countermeasures in the Brave browser are analyzed and then compared with the current protection in the JSR extension. The method of porting of Brave's countermeasures is presented and subsequently the procedure of implementation of these defense elements into the browser extension is described. The resulting implementation has been tested and evaluated, with the new protection appearing to be effective.
|
|
|
Influence of Network Infrastructure on Distributed Password Cracking
Eisner, Michal ; Zobal, Lukáš (referee) ; Hranický, Radek (advisor)
Password cracking is a process used to obtain the cracking key through which we get access to encrypted data. This process normally works on the principle of the repeated try of attempts and their verification by making calculations of cryptographic algorithms. The difficulty of algorithms affects the time spent on solving of the calculations. In spite of various acceleration methods, it is often necessary to distribute the given problem among several nodes which are interconnected via the local network or the internet. The aim of this thesis is to analyze the influence of network infrastructure on the speed, the scalability, and the utilization during different attacks on cryptographical hashes. For these purposes, there was created an automatized experimental environment, which consists of distinctive topologies, scripts, and sets of testing tasks. Based on the results of the analysis, which were obtained by the usage of tools Fitcrack and Hashtopolis it was possible to observe this influence.
|
|
|
Automated Creation of Password Mangling Rules
Drdák, Dominik ; Zobal, Lukáš (referee) ; Hranický, Radek (advisor)
In the process of password cracking by a dictionary attack, the password repertoire is limited by the used dictionary. With the help of rules that can modify passwords from a dictionary, it is possible to extend such a dictionary with additional passwords. In order to maximize the benefits of these rules in password cracking, the rules can be generated based on existing data. Frequent patterns, such as capitalization, numbers at the end or frequently used substrings in passwords can be found in databases of leaked passwords. Based on the patterns obtained, a set of clever rules can be created that can significantly improve the success of a password cracking by dictionary attack. The gist of the work is based on this knowledge and presents specific methods for the implementation of these procedures. The work describes the design and implementation of such tool that can create a set of rules from existing passwords based on their similarity. The functionality of the tool and especially the benefits of the chosen method are shown experimentally.
|
|
|
Improving Extraction of Information From Executable Files
Hájek, Karel ; Kolář, Dušan (referee) ; Zobal, Lukáš (advisor)
This thesis deals with extension of an open-source decompiler project called RetDec maintained by the Avast company. The goal is to develop an extension of data extraction from executable files for malware analysis improvement. The thesis proposes several possible improvements on data extraction in the RetDec project. The most useful of these suggested enhancements are then selected and implemented. The selected enhancements involve calculating a hash of symbol names in Linux executable files and a more extensive analysis of Authenticode format, a Microsoft technology for digital signing of executable files for Windows operating systems. The thesis implements the selected additional data extractions in the RetDec project and tests them on real-world malware samples.
|
|
|
Distributed Password Recovery Using Hashcat Tool
Zobal, Lukáš ; Veselý, Vladimír (referee) ; Hranický, Radek (advisor)
The aim of this thesis is a distributed solution for password recovery, using hashcat tool. The basis of this solution is password recovery tool Fitcrack, developed during my previous work on TARZAN project. The jobs distribution is done using BOINC platform, which is widely used for volunteer computing in a variety of scientific projects. The outcome of this work is a tool, which uses robust and reliable way of job distribution across a local or the Internet network. On the client side, fast and efficient password recovery process takes place, using OpenCL standard for acceleration of the whole process with the use of GPGPU principle.
|
|
|
Malicious Tor Exit Node Detection
Firc, Anton ; Zobal, Lukáš (referee) ; Polčák, Libor (advisor)
The main goal of this bachelor's thesis is to study and implement detection for malicious Tor exit nodes. This work contains information about existing solutions for detecting malicious exit nodes and techniques used for Tor malicious exit nodes detection. This work also discusses design of system for detecting malicious Tor exit nodes tampering with encrypted HTTPS communication when accessing any of the worldwide most visited websites. It describes the process of implementation and testing of designed detection tool. It also deals with detection of malicious exit nodes using implemented tool and describes incident which led to the detection and reporting of a malicious exit node.
|
|
|
Rainbow Table Module for Password Cracking Systems
Kaprál, Lukáš ; Zobal, Lukáš (referee) ; Hranický, Radek (advisor)
Má závěrečná práce je zaměřena na tvorbu modulu, který bude kompatibilní s již existujícími nástroji pro generování rainbow tables a lámání hesel. Rainbow tables jsou předzpracované vyhledávací tabulky používané v kryprografii pro efektivní prolomení hashovaných hesel tím, že je mapují zpět na jejich původní nešifrovaný text. Modul bude zároveň schopen efektivně uchovávat, generovat datové sady a vyhledávat v rainbow tables. Dále bude tento modul upraven tak, aby mohl fungovat se systémem Fitcrack. Nakonec bude vytvořeno rozhraní, pomocí kterého se bude komunikovat s tímto modulem. V této práci se dozvíte o rainbow tables, co to přesně je a jak fungují, popíši již existující nástroje a software, uvidíte a porozumíte návrhu celého modulu. Poté si můžeme přečíst o celé implementaci a jak je daný modul propojen se systémem Fitcrack. Nakonec provedeme několik experimentů, ve kterých předvedeme, jak tento modul funguje a zaměříme se i na rychlost generování, paměťové nároky a rychlost vyhledávání.
|
|
|
Safe and Seamless Data Sharing
Višňovský, Michal ; Zobal, Lukáš (referee) ; Kolář, Dušan (advisor)
Antivirus companies together create a community network of sample sharing. Data sources are not unified and there exist many types of sharing principles. One of them is the system of Sampleshare, working on basis of the Norman Sample Sharing Framework. The current version is using deprecated technologies and is open to network threats. The main goal of the thesis is to create a reinterpretation of this system, without the clients noticing any changes and having to reconfigure their feeder scripts in a larger scale. The focus is also set to use the newest technologies in means of improving the overall safety of the application and its transfer protocol. The included web application provides user and sample package administration as well as monitoring of the host machine resources.
|
|
|
In-Depth Analysis of Code Similarity in Malware Strains
Voščinár, Martin ; Kolář, Dušan (referee) ; Zobal, Lukáš (advisor)
The goal of this thesis is the analysis of malware strains with the aim to discover relationships in terms of code similarity or its reuse. Specialized tools are used for the detection of binary code similarity. Selected strains are then analyzed using reverse engineering techniques to uncover the purpose and origin of such code. Based on these findings, detection patterns are created, efficiently detecting those threats. This research also points out the shortcomings of used tools and proposes options for improvement. In conclusion, the obtained results of this thesis are summarized and evaluated with prospects for the future.
|
|
|
Methods of Ransomware Analysis and Detection
Vojtáš, Samuel ; Kolář, Dušan (referee) ; Zobal, Lukáš (advisor)
The purpose of this thesis is to demonstrate the threat of malware and to describe its forms. Special focus is put on ransomware - its historical evolution, method of analysis, detection, and recovery from it. Various techniques of reverse engineering are also introduced alongside concepts related to it, such as static and dynamic analysis or sandboxing. Paper centers around creating detection mechanisms and malware classification. Company Avast provided samples of several ransomware families for the analysis to create detection YARA rules and to describe samples' behavior. The process of development of detection mechanisms for ransomware threats is shown alongside the method to decrypt files encrypted by various ransomware families that contained cryptography errors. The end of the thesis sums up the resulting data regarding the efficiency of defense mechanisms.
|
guest ::
