|
|
System for Verifying the Minimum Resources Required to Run an Application
Žák, Jiří ; Doležal, Jan (referee) ; Smrž, Pavel (advisor)
The main goal of this bachelor thesis is to create a system for the verifying minimum resources required to run an application. The theoretical part deals with the topic of computer performance evaluation metrics and the principle of operation of the Linux operating system. The practical part describes how the design and implementation of the entire system, which uses BPF (Berkeley Packet Filter) technology, was created. The end of the work is completed by testing and evaluation of the whole work. The system was successfully deployed in the partner company BringAuto. It turned out, that the operating system is powerful enough to run applications.
|
|
|
Methods of Linux Kernel Hacking
Procházka, Boris ; Malinka, Kamil (referee) ; Vojnar, Tomáš (advisor)
This bachelor thesis focuses on the Linux kernel security from the attacker perspective. It tries to identify and map all key features and methods used by nowadays cyber-terrorists. One of its aims is to give a comprehensive overview of this topic. At final, it can serve as a small reference for everybody who wants to broaden his knowledge of Linux kernel security. The work consists of four parts. The first part repeats and defines basic notions and taxonomy of operation systems. The second and third part form the core. They cover principles and methods used to hide processes, files, connections, etc. The last chaper is devoted to related issues. A supplement of this bachelor thesis is a set of demonstrating modules, which implement discussed problems involved, and tables, where can be found a comparison of nowadays rootkits.
|
|
|
System for Verifying the Minimum Resources Required to Run an Application
Žák, Jiří ; Doležal, Jan (referee) ; Smrž, Pavel (advisor)
The main goal of this bachelor thesis is to create a system for the verifying minimum resources required to run an application. The theoretical part deals with the topic of computer performance evaluation metrics and the principle of operation of the Linux operating system. The practical part describes how the design and implementation of the entire system, which uses BPF (Berkeley Packet Filter) technology, was created.The end of the work is completed by testing and evaluation of the whole work. The system was successfully deployed in the partner company BringAuto. It turned out, that the operating system is powerful enough to run applications.
|
|
|
Rootkit for MS Windows
Trutman, Michal ; Tomec, Martin (referee) ; Procházka, Boris (advisor)
This bachelor's thesis deals with methods of attack on MS Windows operating system and maps techniques of resources hiding used by existing rootkits. The thesis consists of a theoretical and a practical part. The first part covers classification of the rootkits, introduces the structure of the system kernel and then describes various techniques of attacking the system. In the practical part is described implementation and testing of my own rootkit.
|
|
|
Reactive Audit
Hlísta, Juraj ; Drozd, Michal (referee) ; Hanáček, Petr (advisor)
The thesis deals with the proposal and the implementation of an extension for the audit system in Linux - the reactive audit. It brings a new functionality to the auditing in form of triggering reactions to certain audit events. The reactive audit is implemented within an audit plugin and its use is optional. Additionally, there is another plugin which stores some audit events and provides time-related statistics for the first plugin. As the result, the mechanism of the reactive audit does not only react to some audit events, it is also able to reveal anomalies according to the statistical information and set ofe the appropriate reactions. It is a fairly general mechanism that can be useful in various situations.
|
|
|
Dynamic Security Policy Enforcement on Android
Vančo, Matúš ; Malinka, Kamil (referee) ; Aron, Lukáš (advisor)
This work proposes the system for dynamic enforcement of access rights on Android. Each suspicious application can be repackaged by this system, so that the access to selected private data is restricted for the outer world. The system intercepts the system calls using Aurasium framework and adds an innovative approach of tracking the information flows from the privacy-sensitive sources using tainting mechanism without need of administrator rights. There has been designed file-level and data-level taint propagation and policy enforcement based on Android binder.
|
|
|
Extending RedirFS to Userspace
Pírko, Jiří ; Čejka, Rudolf (referee) ; Kašpárek, Tomáš (advisor)
The purpose of this thesis is to consider the rigth way how to make a user space extension of RedirFS, which works as a Linux kernel module and implement it. There is described a model of user and kernel spaces used in Linux and how this two spaces can communicate with each other. There are several communication mechanisms described with a description of use. Bandwidth and latency tests for all these mechanisms are implemented. Measurement results are presented and the suitable mechanism is chosen. The second part of the thesis is focused on redirctl and urfs. The first solution represents the RedirFS control tool, the second is the implementation of user space filters.
|
|
|
System for Verifying the Minimum Resources Required to Run an Application
Žák, Jiří ; Doležal, Jan (referee) ; Smrž, Pavel (advisor)
The main goal of this bachelor thesis is to create a system for the verifying minimum resources required to run an application. The theoretical part deals with the topic of computer performance evaluation metrics and the principle of operation of the Linux operating system. The practical part describes how the design and implementation of the entire system, which uses BPF (Berkeley Packet Filter) technology, was created. The end of the work is completed by testing and evaluation of the whole work. The system was successfully deployed in the partner company BringAuto. It turned out, that the operating system is powerful enough to run applications.
|
|
|
System for Verifying the Minimum Resources Required to Run an Application
Žák, Jiří ; Doležal, Jan (referee) ; Smrž, Pavel (advisor)
The main goal of this bachelor thesis is to create a system for the verifying minimum resources required to run an application. The theoretical part deals with the topic of computer performance evaluation metrics and the principle of operation of the Linux operating system. The practical part describes how the design and implementation of the entire system, which uses BPF (Berkeley Packet Filter) technology, was created.The end of the work is completed by testing and evaluation of the whole work. The system was successfully deployed in the partner company BringAuto. It turned out, that the operating system is powerful enough to run applications.
|
|
|
Dynamic Security Policy Enforcement on Android
Vančo, Matúš ; Malinka, Kamil (referee) ; Aron, Lukáš (advisor)
This work proposes the system for dynamic enforcement of access rights on Android. Each suspicious application can be repackaged by this system, so that the access to selected private data is restricted for the outer world. The system intercepts the system calls using Aurasium framework and adds an innovative approach of tracking the information flows from the privacy-sensitive sources using tainting mechanism without need of administrator rights. There has been designed file-level and data-level taint propagation and policy enforcement based on Android binder.
|
guest ::
