Wyniki 1-3 spośród 3 dla zapytania: authorDesc:"KRZYSZTOF CABAJ"

Wykorzystanie metod eksploracji danych do automatycznej generacji sygnatur na podstawie aktywności systemów honeypot

Czytaj za darmo! »

In this paper we are going to present a method for automatic signature generation. Paper contains description of current Internet threats and security systems. Analysis of those systems shows that a big disadvantage of them is connected with not up-to-date signatures. Proposed system could generate signatures fast enough to increase ability for protecting users. For proposed automatic genera[...]

HoneyPot systems in practice DOI:10.15199/48.2015.02.16

Czytaj za darmo! »

The paper presents the HoneyPot technology as well as the experience gained from their usage in the network of the Institute of Computer Science Warsaw University of Technology. On this background the concept of HoneyPot systems is presented and discussed. The paper is illustrated with the real-life cases of some recent vulnerabilities observed on our HoneyPots. Streszczenie. Praca przedstawia technologię systemów HoneyPot oraz doświadczenia zebrane z ich użycia w sieci Instytutu Informatyki Politechniki Warszawskiej. Na tym tle zaprezentowano i omówiono koncepcję systemów HoneyPot oraz prawdziwe przypadki najnowszych zagrożeń zaobserwowane na naszych systemach HoneyPot. (Systemy HoneyPot w praktyce). Keywords: Network Security, HoneyPot systems, Network Attacks, Exploits. Słowa kluczowe: bezpieczeństwo sieci, systemy HoneyPot, ataki sieciowe, exploity. Introduction Security of information is one of the most important issues in the IT systems nowadays. The growing number of devices connected to the Internet pushed forward the necessity of secure communication and data storage. Internet of Things, Bring Your Own Device (BYOD), Intelligent Cars and Houses, Systems of Systems, Cloudbased solutions are no longer scientific nor marketing concepts but a reality - reality introducing new challenges for security and personal privacy. The undisputable advantage of using cloud solutions is high availability of the users’ data from any location on any device. It is however depended on the Internet connectivity. Fortunately, the high speed broadband is more and more popular [1]. Despite of the user privacy concerns related to the storage of data on third party servers, collection of such information like mobile device locations (e.g. Android devices) or web pages viewed by the user for advertisement, the big problem is the security of networkbased applications and the network itself. That brings us to the problems of dependable networ[...]

Network activity analysis of CryptoWall ransomware DOI:10.15199/48.2015.11.48

Czytaj za darmo! »

The paper presents the analysis of the CryptoWall ransomware network behaviour. In this approach a HoneyPot technology as well as the automatic run-time malware analytical system called Maltester were used. We present the practical results of the analyses, technologies and tools used, and the gained experience with dynamic analysis of ransomware software in a dedicated environment. Most of the data was collected with the use of the HoneyPot infrastructure created and deployed in the network of the Institute of Computer Science WUT. Streszczenie. Praca przedstawia analizę zachowania sieciowego złośliwego oprogramowania CryptoWall typu ransomware. W badaniach wykorzystano technologię HoneyPot oraz system automatycznej analizy działania złośliwego oprogramowania w czasie jego wykonywania o nazwie Maltester. Zaprezentowano zarówno uzyskane wyniki analiz, wykorzystane technologie i narzędzia jak i doświadczenia zebrane podczas analizy oprogramowania typu ransomware w autorskim środowisku analitycznym. Większość danych zebrana została z wykorzystaniem infrastruktury HoneyPot stworzonej i wdrożonej w sieci Instytutu Informatyki Politechniki Warszawskiej. (Dynamiczna analiza aktywności sieciowej oprogramowania CryptoWall typu ransomware). Keywords: Network Security, HoneyPot Systems, Network Attacks, Dynamic Malware Analysis. Słowa kluczowe: bezpieczeństwo sieci, systemy HoneyPot, ataki sieciowe, dynamiczna analiza złośliwego oprogramowania. Introduction HoneyPot systems are known and quite widely used by security researchers for almost 20 years. They allow people from security community to spy attackers, identify new threats, ways of spreading etc. In order to conduct security research, there are various types of HoneyPot systems deployed for several years in the network of Institute of Computer Science in Warsaw University of Technology. Some of the experience gained are already published in [1, 2]. Preliminary works were mainly focused on a[...]

 Strona 1