|
|
Code Analysis and Transformation
Křoustek, Jakub ; Masařík, Karel (referee) ; Meduna, Alexandr (advisor)
This paper describes methods and procedures used for code analysis and transformation. It contains basic information of a science discipline called reverse engineering and its use in information technologies. The primary objective is a construction of tool that can disassemble from binary form to symbolic machine code. This operation is highly dependent on the concrete instruction set, and it has to be used for a beforehand known processor architecture. This problem is solved with patterns, plug-ins, and modularity of disassembler. These features provide users the ability to add new instruction sets into this disassembler. The output is the text representation of instructions and is functionally equivalent to the in-put. The thesis demonstrates usual methods of disassembly as well as the methods made by the author.
|
|
|
Debugging Information in Linker
Nikl, Vojtěch ; Křoustek, Jakub (referee) ; Masařík, Karel (advisor)
This thesis describes the conversion between the CCOFF object file format and the ELF file format. We start with a general object file format and its debbuging information, then we focus closely on the ELF, CCOFF and DWARF debugging information. The functionality of the CCOFF format is encapsulated in the ObjectFile class library. Then follows the description of creating an ELF object file, its filling with the proper data and its conversion back to the CCOFF format.
|
|
|
License Server
Frühbauer, Jan ; Křoustek, Jakub (referee) ; Hruška, Tomáš (advisor)
The aim of this Bachelor thesis is to create licensing protection to Lissom project products. Theoretical part introduces reader into software licensing and protection. There are describes possibilities of legal protection, licensing and ways of breaking it. Main aim of this part is to protect software using licensing server. Practical part is dedicated to implementation license database management tool, program creating license files and finally a library enabling using of these files.
|
|
|
Automatic Searching of Instruction Extensions for Application Processors
Češka, Martin ; Křoustek, Jakub (referee) ; Masařík, Karel (advisor)
This thesis deals with the process of automatic searching of instruction-set extensions for application-specific instruction-set processors. This process uses slightly edited ISEGEN algorithm. At first, all important terms including this algorithm are described. Then there is a detailed description of implementation of whole process in C++ programming language. At last, newly created program is considered as useful or useless based on speed-up of processor at performing of input program using found extensions.
|
|
|
Detection of API and ABI Compatibility in Java
Rohovský, Tomáš ; Křoustek, Jakub (referee) ; Kolář, Dušan (advisor)
Tato diplomová práce se zabývá API a ABI kompatibilitou Java knihoven. Jsou popsány typy kompatibility a analyzovány změny API, které vedou k zdrojové či binárni nekompatibilitě. Dále je provedena analýza existujících nástrojů, které provádějí zjišťování nekompatibility. Vhodný nástroj z předchozí analýzy je vybrán a rozšířen. Na základě rozšířeného nástroje je vytvořena serverová aplikace, která poskytuje informace o kompatibilitě sledovaných knihoven.
|
|
|
Generic Detection of Bootkits
Gach, Tomáš ; Křoustek, Jakub (referee) ; Hruška, Tomáš (advisor)
This thesis deals with the generic detection of bootkits which are relatively a new kind of malicious sofware falling into the category of rootkits. The definition of malicious software is presented along with several examples. Then the attention is paid to the rootkits in the context of Microsoft Windows operating systems. This section lists several techniques used by rootkits. After that, the ways of preventing and detecting rootkits are mentioned. Bootkits are known for infecting hard disks Master Boot Record (MBR). The structure of the MBR is described along with the example of hard disk partitioning. Afterwards, the processor instruction set is outlined and the disassembly of Windows 7 MBR is given. The rest of the thesis is devoted to a description of the course of operating system bootkit infection, bootkit prevention, analysis of infected MBR samples, and in particular to the design, implementation and testing of the generic MBR infection detector.
|
|
|
Emulator of Simple Processor
Kuzník, Petr ; Přikryl, Zdeněk (referee) ; Křoustek, Jakub (advisor)
Emulator will be designed as generic emulator. It should be capable of emulating versatile architectures. Each architecture will be stored in separate module implemented as dynamically linked dll libraries. Main goal is for the emulator to be generic and design its structure in a way, so that it would be possible to easily add new architecture modules and design these modules with already implemented abstractions. Primarily implemented architecture will be Commodore 64. It is a personal computer used mainly in USA during 1980s.
|
|
|
Generic Obfuscation on the Bytecode Level
Kollát, Samuel ; Křoustek, Jakub (referee) ; Ďurfina, Lukáš (advisor)
This work contains definition of obfuscation and methods of obfuscation. It is followed by description of LLVM Project and its suitability for obfuscation on the bytecode level for purpose of targeting different architectures. The core of the work is formed by detailed design of obfuscation methods aiming towards their implementation in back-end of LLVM compiler. Closing section is dedicated to verification of implemented functionality on different architectures by automated testing.
|
|
|
Simulation of the 8051 Microprocessor Architecture
Šimon, Petr ; Křoustek, Jakub (referee) ; Hruška, Tomáš (advisor)
More than 90% of processors are used in embedded systems today. Processor design for embedded systems is becoming complicated, so it should be automate as much as possible. This bachelor thesis deals with design of the microcontroller 8051. Design is created according to available documentation and ISAC language is used for model description. Results of model simulations are analyzed at the end of this thesis.
|
|
|
Optimization of Heuristic Analysis of Executable Files
Wiglasz, Michal ; Křoustek, Jakub (referee) ; Hruška, Tomáš (advisor)
This BSc Thesis was performed during a study stay at the Universita della Svizzera italiana, Swiss. This thesis describes the implementation of a classification tool for detection of unknown malware based on their behaviour which could replace current solution, based on manually chosen attributes'scores and a threshold. The database used for training and testing was provided by AVG Technologies company, which specializes in antivirus and security systems. Five different classifiers were compared in order to find the best one for implementation: Naive Bayes, a decision tree, RandomForrest, a neural net and a support vector machine. After series of experiments, the Naive Bayes classifier was selected. The implemented application covers all necessary steps: attribute extraction, training, estimation of the performance and classification of unknown samples. Because the company is willing to tolerate false positive rate of only 1% or less, the accuracy of the implemented classifier is only 61.7%, which is less than 1% better than the currently used approach. However it provides automation of the learning process and allows quick re-training (in average around 12 seconds for 90 thousand training samples).
|
guest ::
RSS feed.