Master's thesis project done together with the University of Trento and Auxilium Cyber Security GmbH. The goal of the thesis was to research existing deepnet and darknet communities and to devise a methodology which would allow extraction of useful threat intelligence connected to malware, exploits and related services and products. Several underground resources were researched, out of which two selected closed communities were infiltrated. Subsequently, a tool for automated covert data collection from those resources was developed. A tool for analyzing the collected data was also proposed as part of the thesis, and the extracted threat intelligence is currently being used by one of the Auxilium products.
The aim was to investigate Russian state and non-state cyber capabilities, mainly focusing on the Russian ability to spread propaganda and disinformation and the ability to wage a cyber war. Several present and past events that are generally perceived as Russian activity are described, including the Estonian cyber attacks in 2007, cyber warfare during the Russo-Georgian conflict in 2008, paid pro-government comment trolling on Russian portals and the rise of international pro-Kremlin propaganda during the Ukrainian crisis (specifically concentrating on the impact caused in Czech and Ukrainian cyberspace).
Link to pdf
My objective was to briefly describe the history of information security, including the most influential research as well as examples of successful and failed real-world implementations. Sections are logically structured according to the distinct domains of information security. The introduction provides fundamental background to the theory of information security, with subsequent sections covering the history of cryptography, hardware security, network security, system security and application security. The conclusion covers the most recent trends in the field of information security and a possible future outlook.
Link to pdf
The theoretical part covers the architecture of the Android operating system and elaborates on what modifications are feasible with and without the availability of source code. The practical part consists of the development of a system update for the Ainol Novo 7 Crystal tablet and research on how to apply this update over SSH. The Android OS source code for this specific tablet model has never been released, and the update was thus developed by reverse engineering the build in the tablet and changing its Java bytecode. The update optimized the behavior of the Ethernet interface. It was deployed in tablets which are part of Ackee's “Domovník” (home doorbell system) hardware solution and proved to be fully functional. More information on can be found here.
Link to pdf