Search academic texts

Information × Registration Number 0216U006653, 0115U006614 , R & D reports Title Research, analysis and modelling of modern security threats in Windows operating system popup.stage_title Head Novikov Alex, Registration Date 15-04-2016 Organization Faculty of аircraft and space systems NTUU "KPI" popup.description2 In this work we analyzed modern security threats to Windows operating system on example of "one day" vulnerabilities of Microsoft Office and Adobe Flash. The goal of the work is to improve effectiveness of information security in information systems, taking into account the latest models and descriptions of mechanisms and algorithms of the malware components that exploit vulnerabilities of Windows software. We have investigated vulnerabilities of Adobe Flash CVE-2014-0515, CVE-2014-0556, CVE-2015-0311, CVE-2015-0313, CVE-2015-5560 and Microsoft Office CVE-2015-1770, CVE-2015-2545, MS15 -132. As part of Microsoft Office vulnerabilities research we also examined technologies of corporate control systems security bypass, different exploit components for ASLR and EMET bypass, methods documents tracking, methods of document structures obfuscation. On the vulnerability simulation phase we also investigated bypass methods based on WMI and Powershell, and illustrated them on examples of RAM analysis software WMIkatz, application hiding in powershell.exe, persistence methods, methods of UAC bypass and other. Results can be used to improve the effectiveness of information security protection systems. BINARY EXPLOITS, MALWARE, 1DAY VULNERABILITY, DETECTION BYPASS Product Description popup.authors Ільїн Костянтин Іванович Ільїн Микола Іванович Крахмалюк Іван Геннадійович Мазуренко Оксана Анатоліївна Новіков Олексій Миколайович Ситник Віктор Вікторович popup.nrat_date 2020-04-02 Close