First name: | Jakub |
---|---|
Surname: | Škoda |
Title: | Analysing repacked Telegram and Signal with use of observability and security tools |
Supervisor: | doc. RNDr. Daniel Olejár, PhD. |
Year: | 2024 |
Keywords: | behavioral analysis, black-box analysis, eBPF, Linux, malware, observability tools, repackaging attacks, security tools, Signal, strace, Telegram, Wireshark |
Abstract: | In this diploma thesis, we analyse repacked versions of the Signal and Telegram instant messaging applications in the Linux environment using various observability and security tools. In Chapter 1, we introduce past and current examples of repackaging attacks and describe how the attack works. A repackaging attack is a frequently used malware distribution method for various operating systems, especially Android. For the Linux environment, there is not enough up-to-date research on this type of attack. In Chapter 2, we focus on selected observability tools and security tools in the Linux ecosystem and clarify the difference between them. Chapter 3 provides an overview of selected forensic analyses of Telegram, Signal, and other instant messaging applications for various operating systems. We highlight the most important findings and what has changed since their publication. Finally, in Chapter 4 we present the output of multiple Linux tracing tools used to compare the official signal-desktop application with the unofficial signal-cli, Telegram, as well as minimal examples of Qt and Electron frameworks. |
Thesis files:
JakubSkoda-Thesis.pdf |
Defence presentation files: