|
|
Tool for SQL Injection Vulnerability Detection
Kutypa, Matouš ; Samek, Jan (referee) ; Barabas, Maroš (advisor)
The Bachelor thesis is focused on the issue of SQL injection vulnerabilities. The thesis presents commonly used procedures in the attacks against information systems and are also discussed possibilities of defense including the correct ways of input validation. The theoretical part contains the essential foundation of what should the penetration tester know, to be able to examine the inputs of application for SQL injection vulnerability. The thesis also describes analysis, design and implementation of specialized tool for Web application vulnerability detection. The implemented tool was tested and compared with other existing tools. Within the thesis has been also implemented a Web application, which demonstrates many different variants of SQL injection vulnerable inputs.
|
|
|
Retargetable Analysis of Machine Code
Křoustek, Jakub ; Janoušek, Jan (referee) ; Návrat,, Pavol (referee) ; Kolář, Dušan (advisor)
Analýza softwaru je metodologie, jejímž účelem je analyzovat chování daného programu. Jednotlivé metody této analýzy je možné využít i v dalších oborech, jako je zpětné inženýrství, migrace kódu apod. V této práci se zaměříme na analýzu strojového kódu, na zjištění nedostatků existujících metod a na návrh metod nových, které umožní rychlou a přesnou rekonfigurovatelnou analýzu kódu (tj. budou nezávislé na konkrétní cílové platformě). Zkoumány budou dva typy analýz - dynamická (tj. analýza za běhu aplikace) a statická (tj. analýza aplikace bez jejího spuštění). Přínos této práce v rámci dynamické analýzy je realizován jako rekonfigurovatelný ladicí nástroj a dále jako dva typy tzv. rekonfigurovatelného translátovaného simulátoru. Přínos v rámci statické analýzy spočívá v navržení a implementování rekonfigurovatelného zpětného překladače, který slouží pro transformaci strojového kódu zpět do vysokoúrovňové reprezentace. Všechny tyto nástroje jsou založeny na nových metodách navržených autorem této práce. Na základě experimentálních výsledků a ohlasů od uživatelů je možné usuzovat, že tyto nástroje jsou plně srovnatelné s existujícími (komerčními) nástroji a nezřídka dosahují i lepších výsledků.
|
|
| |
|
|
Improving Extraction of Information From Executable Files
Hájek, Karel ; Kolář, Dušan (referee) ; Zobal, Lukáš (advisor)
This thesis deals with extension of an open-source decompiler project called RetDec maintained by the Avast company. The goal is to develop an extension of data extraction from executable files for malware analysis improvement. The thesis proposes several possible improvements on data extraction in the RetDec project. The most useful of these suggested enhancements are then selected and implemented. The selected enhancements involve calculating a hash of symbol names in Linux executable files and a more extensive analysis of Authenticode format, a Microsoft technology for digital signing of executable files for Windows operating systems. The thesis implements the selected additional data extractions in the RetDec project and tests them on real-world malware samples.
|
|
|
Application displaying the course of cyber attacks
Safonov, Yehor ; Gerlich, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
Nowadays, the safety of end stations is a topical issue. The complexity of the programming equipment of the computing systems brings about a greater probability of creating vulnerabilities, which could be used as a new anchor point for possible attacks aimed at endpoint computers or the whole company infrastructure. One of the main goals of this bachelor thesis is to create an instrument that would allow system administrators to perform more effective analysis and countermeasures directed to prevent the emergence of negative threats. From a theoretical point of view, the bachelor thesis will focus on the most common attacks on modern operating systems with an emphasis on Windows. It will then deal with the problematics of malicious code, especially with the principles of its operation, specific features and current trends. In the practical part, focus will be placed on the implementation of a robust application that will become a part of the project that is currnetly being developed in TrustPort company. In the beginning, the bachelor thesis is going to analyze different use cases of the application. Further it will make comparisons between different graphical representations, which could be displayed. Subsequently, the thesis is going to define the sets of functional, non-functional and critical requirements for the implementation as to create a concept of future application, specifically its architecture and user interface. During the next step a plan of the implementation of the proposed application is going to be presented. This plan is logically divided into several stages for better understanding. According to the implemented parts, the functionality of the application will be tested on the most commonly detected user attacks. At the end of the work, possible expansion, improvements and a concise conclusion will be stated.
|
|
|
Analýza škodlivého kódu ve virtuálním prostředí
KOVÁŘ, Jaroslav
The diploma thesis deals with analysis of malware that attempts to evade many kinds of analyses in virtual environments (so-called evasive malware). The thesis includes a designed implementation of the analysis environment, experiments and assessment of the malware analysis in virtual environment, which validates the benefits of protective measures making the analysis environment less obvious to evasive malware. An important source of inspiration for creating the basis of some of the protective measures were findings about biological viruses.
|
|
|
Improving Extraction of Information From Executable Files
Hájek, Karel ; Kolář, Dušan (referee) ; Zobal, Lukáš (advisor)
This thesis deals with extension of an open-source decompiler project called RetDec maintained by the Avast company. The goal is to develop an extension of data extraction from executable files for malware analysis improvement. The thesis proposes several possible improvements on data extraction in the RetDec project. The most useful of these suggested enhancements are then selected and implemented. The selected enhancements involve calculating a hash of symbol names in Linux executable files and a more extensive analysis of Authenticode format, a Microsoft technology for digital signing of executable files for Windows operating systems. The thesis implements the selected additional data extractions in the RetDec project and tests them on real-world malware samples.
|
|
| |
|
|
Application displaying the course of cyber attacks
Safonov, Yehor ; Gerlich, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
Nowadays, the safety of end stations is a topical issue. The complexity of the programming equipment of the computing systems brings about a greater probability of creating vulnerabilities, which could be used as a new anchor point for possible attacks aimed at endpoint computers or the whole company infrastructure. One of the main goals of this bachelor thesis is to create an instrument that would allow system administrators to perform more effective analysis and countermeasures directed to prevent the emergence of negative threats. From a theoretical point of view, the bachelor thesis will focus on the most common attacks on modern operating systems with an emphasis on Windows. It will then deal with the problematics of malicious code, especially with the principles of its operation, specific features and current trends. In the practical part, focus will be placed on the implementation of a robust application that will become a part of the project that is currnetly being developed in TrustPort company. In the beginning, the bachelor thesis is going to analyze different use cases of the application. Further it will make comparisons between different graphical representations, which could be displayed. Subsequently, the thesis is going to define the sets of functional, non-functional and critical requirements for the implementation as to create a concept of future application, specifically its architecture and user interface. During the next step a plan of the implementation of the proposed application is going to be presented. This plan is logically divided into several stages for better understanding. According to the implemented parts, the functionality of the application will be tested on the most commonly detected user attacks. At the end of the work, possible expansion, improvements and a concise conclusion will be stated.
|
|
|
Retargetable Analysis of Machine Code
Křoustek, Jakub ; Janoušek, Jan (referee) ; Návrat,, Pavol (referee) ; Kolář, Dušan (advisor)
Analýza softwaru je metodologie, jejímž účelem je analyzovat chování daného programu. Jednotlivé metody této analýzy je možné využít i v dalších oborech, jako je zpětné inženýrství, migrace kódu apod. V této práci se zaměříme na analýzu strojového kódu, na zjištění nedostatků existujících metod a na návrh metod nových, které umožní rychlou a přesnou rekonfigurovatelnou analýzu kódu (tj. budou nezávislé na konkrétní cílové platformě). Zkoumány budou dva typy analýz - dynamická (tj. analýza za běhu aplikace) a statická (tj. analýza aplikace bez jejího spuštění). Přínos této práce v rámci dynamické analýzy je realizován jako rekonfigurovatelný ladicí nástroj a dále jako dva typy tzv. rekonfigurovatelného translátovaného simulátoru. Přínos v rámci statické analýzy spočívá v navržení a implementování rekonfigurovatelného zpětného překladače, který slouží pro transformaci strojového kódu zpět do vysokoúrovňové reprezentace. Všechny tyto nástroje jsou založeny na nových metodách navržených autorem této práce. Na základě experimentálních výsledků a ohlasů od uživatelů je možné usuzovat, že tyto nástroje jsou plně srovnatelné s existujícími (komerčními) nástroji a nezřídka dosahují i lepších výsledků.
|
guest ::
