Execution, Analysis and Detection of Android RATs traffic
Execution, Analysis and Detection of Android RATs traffic
Typ dokumentu
bakalářská prácebachelor thesis
Autor
Kamila Babayeva
Vedoucí práce
García Sebastián
Oponent práce
Grill Martin
Studijní program
Electrical Engineering and Computer ScienceInstituce přidělující hodnost
katedra elektroenergetikyPráva
A university thesis is a work protected by the Copyright Act. Extracts, copies and transcripts of the thesis are allowed for personal use only and at one?s own expense. The use of thesis should be in compliance with the Copyright Act http://www.mkcr.cz/assets/autorske-pravo/01-3982006.pdf and the citation ethics http://knihovny.cvut.cz/vychova/vskp.htmlVysokoškolská závěrečná práce je dílo chráněné autorským zákonem. Je možné pořizovat z něj na své náklady a pro svoji osobní potřebu výpisy, opisy a rozmnoženiny. Jeho využití musí být v souladu s autorským zákonem http://www.mkcr.cz/assets/autorske-pravo/01-3982006.pdf a citační etikou http://knihovny.cvut.cz/vychova/vskp.html
Metadata
Zobrazit celý záznamAbstrakt
Mobile devices are at risk of cyber attacks, and one of the most dangerous attacks on mobile phones is Remote Access Trojans (RATs). RATs are malicious programs that provide unauthorized remote access to the infected phones to control them completely and access all their data. Detecting Android RATs in phones is challenging since it is hard to access the network traffic in the same phone or to capture it externally. More importantly, it is very hard or even impossible to have AntiVirus applications in the phone that can protect it from these attacks, leaving the detection in the network as the only option. This bachelor thesis proposes to detect RATs in Android phones by (i) creating the first-ever network traffic dataset of Android RATs executed in real phones, (ii) analysing the RATs' network traffic behaviors, (iii) proposing and implementing new network-based detection techniques. We concluded that after a deeper understanding of how Android RATs work, it is possible to detect their communications in the network and to differentiate them from normal traffic with good precision. Mobile devices are at risk of cyber attacks, and one of the most dangerous attacks on mobile phones is Remote Access Trojans (RATs). RATs are malicious programs that provide unauthorized remote access to the infected phones to control them completely and access all their data. Detecting Android RATs in phones is challenging since it is hard to access the network traffic in the same phone or to capture it externally. More importantly, it is very hard or even impossible to have AntiVirus applications in the phone that can protect it from these attacks, leaving the detection in the network as the only option. This bachelor thesis proposes to detect RATs in Android phones by (i) creating the first-ever network traffic dataset of Android RATs executed in real phones, (ii) analysing the RATs' network traffic behaviors, (iii) proposing and implementing new network-based detection techniques. We concluded that after a deeper understanding of how Android RATs work, it is possible to detect their communications in the network and to differentiate them from normal traffic with good precision.
Kolekce
- Bakalářské práce - 13115 [287]