Thesis Details
Methods of Ransomware Analysis and Detection (Metody analýzy a detekce ransomwaru)
The purpose of this thesis is to demonstrate the threat of malware and to describe its forms. Special focus is put on ransomware: its historical evolution, method of analysis, detection, and recovery from it. Various reverse-engineering techniques are also introduced alongside related concepts, such as static and dynamic analysis or sandboxing. The thesis centers on creating detection mechanisms and malware classification. Avast provided samples of several ransomware families for analysis, in order to create detection YARA rules and to describe the samples' behavior. The process of developing detection mechanisms for ransomware threats is shown alongside the method to decrypt files encrypted by various ransomware families that contained cryptography errors. The end of the thesis sums up the resulting data regarding the efficiency of the defense mechanisms.
Malware, Reverse engineering, Ransomware, Cryptography, YARA
Malinka Kamil, Mgr., Ph.D. (DITS FIT BUT), member
Milet Tomáš, Ing., Ph.D. (DCGM FIT BUT), member
Ryšavý Ondřej, doc. Ing., Ph.D. (DIFS FIT BUT), member
Strnadel Josef, Ing., Ph.D. (DCSY FIT BUT), member
@bachelorsthesis{FITBT24307,
  author = "Samuel Vojt\'{a}\v{s}",
  type = "Bachelor's thesis",
  title = "Metody anal\'{y}zy a detekce ransomwaru",
  school = "Brno University of Technology, Faculty of Information Technology",
  year = 2022,
  location = "Brno, CZ",
  language = "slovak",
  url = "https://www.fit.vut.cz/study/thesis/24307/"
}