1 documents found
Information × Registration Number 0219U101931, 0119U102098 , R & D reports Title Research, analysis and modelling of modern security threats of information systems on example of vulnerabilities of application and server software for Windows and Linux operating systems popup.stage_title Head Novikov Oleksii M., Доктор технічних наук Registration Date 02-12-2019 Organization National Technical University of Ukraine "Igor Sikorsky Kyiv Polytechnic Institute" popup.description2  Research report: 172 pages, 101 figs, 2 appendices, 23 bibliography. Malware samples, software vulnerabilities and related offensive technologies for Windows, Linux and web applications were analysed. In current research detailed analysis were performed of software vulnerabilities and corresponding models of exploits for local privilege escalation (CVE-2019-1405, CVE-2019-1322), anti-virus software technologies and intrusion detection systems bypass (AMSI bypass methods, Windows Defender neutralization, zero day bypass for malwareless attacks protection of Windows Defender), methods of malicious software and program code obfuscation. Samples of the Turla malware were analyzed. For Linux and derivatives, vulnerabilities CVE-2019-2107, CVE-2019-2215, CVE-2019-11043, CVE-2019-16920 are analyzed, methods for bypassing kernel security mechanisms and custom components that hinder privilege escalation when using read-write primitive in kernel space. Samples of malicious EvilGnome software have been analyzed. The vulnerabilities of the popular vBulletin web forum system (CVE-2019-17132, CVE-2019-16759), the Joomla content management system (code execution in configuration.php versions up to 3.4.6) were explored. Usage of Shodan for automation of mass exploitation of investigated vulnerabilities is considered. The obtained results can be used for security improvement of national information systems. MALWARE ANTI-DETECTION, MALWARE ANTI-ANALYSIS, MALWARE RESEARCH Product Description popup.authors Ilin Kostiantyn І. Ilin Mykola I. Voitsekhovskyi Andrii V. Mazurenko Oksana A. Novikov Oleksii M. YAKOBCHUK DMYTRO І. popup.nrat_date 2020-04-02 Close
R & D report
Research, analysis and modelling of modern security threats of information systems on example of vulnerabilities of application and server software for Windows and Linux operating systems
Head: Novikov Oleksii M.. Research, analysis and modelling of modern security threats of information systems on example of vulnerabilities of application and server software for Windows and Linux operating systems. (popup.stage: ). National Technical University of Ukraine "Igor Sikorsky Kyiv Polytechnic Institute". № 0219U101931
1 documents found

Updated: 2026-03-26


Роздрукувати цю сторінку