Malware analysis & C2 covert channels
| dc.contributor.advisor | Κάτσικας, Σωκράτης | |
| dc.contributor.author | Liakopoulos, Nikolaos | |
| dc.contributor.author | Λιακόπουλος, Νικόλαος | |
| dc.date.accessioned | 2018-01-18T12:14:35Z | |
| dc.date.available | 2018-01-18T12:14:35Z | |
| dc.date.issued | 2017 | |
| dc.identifier.uri | https://dione.lib.unipi.gr/xmlui/handle/unipi/10650 | |
| dc.format.extent | 84 | el |
| dc.language.iso | en | el |
| dc.publisher | Πανεπιστήμιο Πειραιώς | el |
| dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 Διεθνές | * |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/4.0/ | * |
| dc.title | Malware analysis & C2 covert channels | el |
| dc.type | Master Thesis | el |
| dc.contributor.department | Σχολή Τεχνολογιών Πληροφορικής και Επικοινωνιών. Τμήμα Ψηφιακών Συστημάτων | el |
| dc.description.abstractEN | In the internal network of a large organization, there may be a large number of security measures or products in place, such as antivirus, Intrusion Prevention/Detection Systems (IPDS), Firewalls, security patch management, etc., and there is still some malware, mostly APT threats, that goes undetected. One of the activities that malware will conduct is “phone home”, to either fetch updates and instructions from the remote Command and Control (C&C) servers, or send back stolen information. It is challenging, but also may be proven fruitful to proactively detect these malware phone-home activities. But before that, an analyst must be aware of the most common techniques which were used in order for attackers to exfiltrate data through these channels. The first part of this thesis covers tools and techniques for malware analysis and reverse engineering, as well as the setup and documentation of a basic lab environment. The second part focuses on analyzing and documenting core techniques and attributes of known Command and Control channels for Malware communication (C2 channels) and examines implementations of such covert channels through common computer network protocols. In the final part, we propose and develop a covert data exfiltration method based on established techniques. | el |
| dc.contributor.master | Ασφάλεια Ψηφιακών Συστημάτων | el |
| dc.subject.keyword | Malware | el |
| dc.subject.keyword | Malicious software | el |
| dc.subject.keyword | Static analysis | el |
| dc.subject.keyword | Dynamic analysis | el |
| dc.subject.keyword | Covert | el |
Αρχεία σε αυτό το τεκμήριο
Αυτό το τεκμήριο εμφανίζεται στις ακόλουθες συλλογές
-
Τμήμα Ψηφιακών Συστημάτων
Department of Digital Systems
Εκτός από όπου διευκρινίζεται διαφορετικά, το τεκμήριο διανέμεται με την ακόλουθη άδεια:
Attribution-NonCommercial-NoDerivatives 4.0 Διεθνές
Attribution-NonCommercial-NoDerivatives 4.0 Διεθνές