|
|
Generic Detection of Bootkits
Gach, Tomáš ; Křoustek, Jakub (referee) ; Hruška, Tomáš (advisor)
This thesis deals with the generic detection of bootkits which are relatively a new kind of malicious sofware falling into the category of rootkits. The definition of malicious software is presented along with several examples. Then the attention is paid to the rootkits in the context of Microsoft Windows operating systems. This section lists several techniques used by rootkits. After that, the ways of preventing and detecting rootkits are mentioned. Bootkits are known for infecting hard disks Master Boot Record (MBR). The structure of the MBR is described along with the example of hard disk partitioning. Afterwards, the processor instruction set is outlined and the disassembly of Windows 7 MBR is given. The rest of the thesis is devoted to a description of the course of operating system bootkit infection, bootkit prevention, analysis of infected MBR samples, and in particular to the design, implementation and testing of the generic MBR infection detector.
|
|
|
IDE Interface for HW/SW Platform FITkit
Sigmund, Stanislav ; Šimek, Václav (referee) ; Vašíček, Zdeněk (advisor)
This thesis deals with an implementation of IDE controller on FPGA unit and hard drive connection. Besides, a lot of library functions were created that provide basic control of a hard drive and make accessible file system FAT32. Proposed controller was designed for platform FITKit and to enlarge memory capacity of this kit.
|
|
|
HelenOS installer
Táborský, Dominik ; Děcký, Martin (advisor) ; Yaghob, Jakub (referee)
The capability to install itself on a permanent storage is one of the things that define usability of an operating system. In this thesis we look at our possi- bilities of achieving that within the HelenOS operating system. We discuss what options there are, what are their advantages and disadvantages and finally their implementation details. Prototype implementation has been written of those cri- tical parts, which is also described. Implementation design decisions and their pros and cons are discussed as well. 1
|
|
|
IDE Interface for HW/SW Platform FITkit
Sigmund, Stanislav ; Šimek, Václav (referee) ; Vašíček, Zdeněk (advisor)
This thesis deals with an implementation of IDE controller on FPGA unit and hard drive connection. Besides, a lot of library functions were created that provide basic control of a hard drive and make accessible file system FAT32. Proposed controller was designed for platform FITKit and to enlarge memory capacity of this kit.
|
|
|
Generic Detection of Bootkits
Gach, Tomáš ; Křoustek, Jakub (referee) ; Hruška, Tomáš (advisor)
This thesis deals with the generic detection of bootkits which are relatively a new kind of malicious sofware falling into the category of rootkits. The definition of malicious software is presented along with several examples. Then the attention is paid to the rootkits in the context of Microsoft Windows operating systems. This section lists several techniques used by rootkits. After that, the ways of preventing and detecting rootkits are mentioned. Bootkits are known for infecting hard disks Master Boot Record (MBR). The structure of the MBR is described along with the example of hard disk partitioning. Afterwards, the processor instruction set is outlined and the disassembly of Windows 7 MBR is given. The rest of the thesis is devoted to a description of the course of operating system bootkit infection, bootkit prevention, analysis of infected MBR samples, and in particular to the design, implementation and testing of the generic MBR infection detector.
|
guest ::
