Execution, Analysis and Detection of Android RATs traffic
Execution, Analysis and Detection of Android RATs traffic
Type of document
bakalářská prácebachelor thesis
Author
Kamila Babayeva
Supervisor
García Sebastián
Opponent
Grill Martin
Study program
Electrical Engineering and Computer ScienceInstitutions assigning rank
katedra elektroenergetikyRights
A university thesis is a work protected by the Copyright Act. Extracts, copies and transcripts of the thesis are allowed for personal use only and at one?s own expense. The use of thesis should be in compliance with the Copyright Act http://www.mkcr.cz/assets/autorske-pravo/01-3982006.pdf and the citation ethics http://knihovny.cvut.cz/vychova/vskp.htmlVysokoškolská závěrečná práce je dílo chráněné autorským zákonem. Je možné pořizovat z něj na své náklady a pro svoji osobní potřebu výpisy, opisy a rozmnoženiny. Jeho využití musí být v souladu s autorským zákonem http://www.mkcr.cz/assets/autorske-pravo/01-3982006.pdf a citační etikou http://knihovny.cvut.cz/vychova/vskp.html
Metadata
Show full item recordAbstract
Mobile devices are at risk of cyber attacks, and one of the most dangerous attacks on mobile phones is Remote Access Trojans (RATs). RATs are malicious programs that provide unauthorized remote access to the infected phones to control them completely and access all their data. Detecting Android RATs in phones is challenging since it is hard to access the network traffic in the same phone or to capture it externally. More importantly, it is very hard or even impossible to have AntiVirus applications in the phone that can protect it from these attacks, leaving the detection in the network as the only option. This bachelor thesis proposes to detect RATs in Android phones by (i) creating the first-ever network traffic dataset of Android RATs executed in real phones, (ii) analysing the RATs' network traffic behaviors, (iii) proposing and implementing new network-based detection techniques. We concluded that after a deeper understanding of how Android RATs work, it is possible to detect their communications in the network and to differentiate them from normal traffic with good precision. Mobile devices are at risk of cyber attacks, and one of the most dangerous attacks on mobile phones is Remote Access Trojans (RATs). RATs are malicious programs that provide unauthorized remote access to the infected phones to control them completely and access all their data. Detecting Android RATs in phones is challenging since it is hard to access the network traffic in the same phone or to capture it externally. More importantly, it is very hard or even impossible to have AntiVirus applications in the phone that can protect it from these attacks, leaving the detection in the network as the only option. This bachelor thesis proposes to detect RATs in Android phones by (i) creating the first-ever network traffic dataset of Android RATs executed in real phones, (ii) analysing the RATs' network traffic behaviors, (iii) proposing and implementing new network-based detection techniques. We concluded that after a deeper understanding of how Android RATs work, it is possible to detect their communications in the network and to differentiate them from normal traffic with good precision.
Collections
- Bakalářské práce - 13115 [287]