Thesis Details
Multiplatform Linux Sandbox for Analyzing IoT Malware
Bachelor's Thesis
Student: Poliakov Daniel
Academic Year: 2018/2019
Supervisor: Kolář Dušan, doc. Dr. Ing.
Czech title
Linuxové víceplatformní oddělené běhové prostředí pro analýzu malware v IoT
Language
English
Abstract
Diversity of processor architectures used by IoT devices complicates IoT malware analysis. This thesis summarizes current state of static, dynamic, and network analysis and it evaluates existing open source solutions of sandboxes providing automated analysis. It proposes a design of a modular system that is easy-to-use, has available REST API, and web interface. The implementation supports five processor architectures. It was tested on current IoT malware samples.
Keywords
Linux sandbox, IoT malware, static analysis, dynamic analysis, network analysis, YARA, SystemTap
Department
Degree Programme
Information Technology
Files
Status
defended, grade A
Date
11 June 2019
Reviewer
Committee
Hanáček Petr, doc. Dr. Ing. (DITS FIT BUT), předseda
Chudý Peter, doc. Ing., Ph.D. MBA (DCGM FIT BUT), člen
Kekely Lukáš, Ing., Ph.D. (DCSY FIT BUT), člen
Strnadel Josef, Ing., Ph.D. (DCSY FIT BUT), člen
Trchalík Roman, Mgr., Ph.D. (DIFS FIT BUT), člen
Chudý Peter, doc. Ing., Ph.D. MBA (DCGM FIT BUT), člen
Kekely Lukáš, Ing., Ph.D. (DCSY FIT BUT), člen
Strnadel Josef, Ing., Ph.D. (DCSY FIT BUT), člen
Trchalík Roman, Mgr., Ph.D. (DIFS FIT BUT), člen
Citation
POLIAKOV, Daniel. Multiplatform Linux Sandbox for Analyzing IoT Malware. Brno, 2019. Bachelor's Thesis. Brno University of Technology, Faculty of Information Technology. 2019-06-11. Supervised by Kolář Dušan. Available from: https://www.fit.vut.cz/study/thesis/22120/
BibTeX
@bachelorsthesis{FITBT22120, author = "Daniel Poliakov", type = "Bachelor's thesis", title = "Multiplatform Linux Sandbox for Analyzing IoT Malware", school = "Brno University of Technology, Faculty of Information Technology", year = 2019, location = "Brno, CZ", language = "english", url = "https://www.fit.vut.cz/study/thesis/22120/" }