Security threats detection and treatment in communication networks

V magistrskem delu smo se ukvarjali z ATP rešitvijo podjetja Trend Micro, DDI in DDA. Za izvedbo magistrskega dela smo podrobneje spoznali postopke uporabe DDI in DDA. Najprej smo opisali zmožnosti in funkcije DDI in DDA. Postavili smo ustrezni testni sistem in spremljali grožnje, ki se pojavljajo v komunikacijskih omrežjih, ter njihovo delovanje preučevali v peskovniku. Poleg tega smo primerjali vplive različnih vrst zlonamerne programske kode in analizirali postopke ukrepanj ob zaznanih varnostnih incidentih. V zadnjem delu naloge so predstavljeni predlogi za izboljšanje informacijske varnosti, ki smo jih definirali s pomočjo rezultatov obravnavanja groženj z DDI in DDA. The subject of this master thesis was Trend Micro ATP solution DDI and DDA. For the realisation of our work, we studied usage procedures of DDI and DDA in detail. First, we describe capabilities and functions of DDI and DDA. Then we analysed detected malware which appeared inside monitored communication network. We also compared different types of malware and studied their effect on different devices. At the end we present suggestions to improve information security in the monitored network, which we defined with results of malware analysis with DDI and DDA.