I successfully completed my Bachelor's degree at CTU in Prague by defending this Bachelor's thesis. It focuses on forensic analysis, and the goal was to create a tool for server log forensics.
In terms of programming languages, my code is a combination of Perl and C++.
The full thesis is here: thesis/text/BP_Lejnar_Jan_2017.pdf
This is the seminar project I created while learning about Architecture and Design Patterns at CTU in Prague.
This thesis deals with the forensic analysis of server logs: how to connect and make use of the data taken from these log files. The goal is to design a modular tool that can create an overview of events within a defined time interval. Correlations between events can be seen in the report, for example suspicious activities such as an unsuccessful login attempt followed by repeated attempts to authenticate from the same source address. The tool can be used to increase security and to monitor events on the server. The application is built in part on an existing solution that was slightly improved for the purpose of this work; the second part is the graphical front end that I created in the Qt framework. In terms of programming languages it is a combination of C++ and Perl. The result of the work is a functional application that is ready for further extension. The server administrator can easily specify the suspicious activities he wants to track. The solution successfully merges data from server logs and performs forensic analysis on them.
forensic analysis, server logs, event monitoring, suspicious activities, security, modular tool, Qt, C++, Perl
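The correlation the abstract describes (a failed login followed by repeated authentication attempts from the same source address inside a time window) can be shown as plain detection logic over a few log lines. The following is an added example written for this page, not code from the thesis or its Qt/Perl tool. It assumes the common OpenSSH syslog line layout ("Failed password for [invalid user] U from A port P ..."); the sample lines are constructed, not real server data, and since syslog timestamps carry no year the example treats all lines as falling on one day.

```cpp
// Added example (not the thesis's own code): flag a source address once it
// reaches `threshold` failed logins within `window_seconds`, and record
// whether a successful login from that address followed the burst.
#include <algorithm>
#include <cstdio>
#include <deque>
#include <iostream>
#include <map>
#include <sstream>
#include <string>
#include <vector>

// Constructed sample input in OpenSSH syslog format, not real server data.
static const std::vector<std::string> kSampleLog = {
    "Mar  3 10:00:01 srv sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 40001 ssh2",
    "Mar  3 10:00:04 srv sshd[1202]: Failed password for root from 203.0.113.5 port 40002 ssh2",
    "Mar  3 10:00:09 srv sshd[1203]: Failed password for root from 203.0.113.5 port 40003 ssh2",
    "Mar  3 10:00:15 srv sshd[1204]: Accepted password for jan from 198.51.100.7 port 50123 ssh2",
    "Mar  3 10:00:20 srv sshd[1205]: Failed password for root from 203.0.113.5 port 40004 ssh2",
    "Mar  3 10:01:02 srv sshd[1206]: Failed password for jan from 198.51.100.7 port 50130 ssh2",
    "Mar  3 10:02:30 srv sshd[1207]: Accepted password for root from 203.0.113.5 port 40005 ssh2",
};

struct Event {
    long t = 0;           // seconds since midnight (assumption: all lines from one day)
    bool failed = false;  // true for "Failed ...", false for "Accepted ..."
    std::string user;
    std::string src;      // source address
};

// Parse one line into an Event; returns false for lines that are not login events.
// Field layout assumed: "Mon dd HH:MM:SS host prog[pid]: Failed|Accepted <method> for [invalid user] U from A ..."
bool parse_line(const std::string& line, Event& ev) {
    std::istringstream in(line);
    std::string mon, day, hms, host, prog, verb, method, kw_for, word, kw_from;
    if (!(in >> mon >> day >> hms >> host >> prog >> verb >> method >> kw_for >> word)) return false;
    if (verb == "Failed") ev.failed = true;
    else if (verb == "Accepted") ev.failed = false;
    else return false;
    int h, m, s;
    if (std::sscanf(hms.c_str(), "%d:%d:%d", &h, &m, &s) != 3) return false;
    ev.t = h * 3600L + m * 60L + s;
    if (word == "invalid") {  // "invalid user <name>": skip "user", take the name
        std::string skip;
        if (!(in >> skip >> word)) return false;
    }
    ev.user = word;
    if (!(in >> kw_from >> ev.src)) return false;
    return kw_from == "from";
}

struct Finding {
    std::string src;
    int failures;        // most failures seen inside one window
    long first_t;        // first failure of the burst that triggered the flag
    long last_t;         // latest failure seen while flagged
    bool success_after;  // an Accepted login from the same source followed the burst
};

// Sliding window per source address. A source is reported once; later
// failures extend the finding, and a later Accepted from it marks success_after,
// which is the failures-then-success correlation an investigator wants to see.
std::vector<Finding> find_bruteforce(const std::vector<std::string>& lines,
                                     long window_seconds, int threshold) {
    std::map<std::string, std::deque<long>> fails;  // src -> failure times still in window
    std::map<std::string, size_t> flagged;          // src -> index into out
    std::vector<Finding> out;
    for (const std::string& line : lines) {
        Event ev;
        if (!parse_line(line, ev)) continue;
        if (!ev.failed) {
            auto it = flagged.find(ev.src);
            if (it != flagged.end()) out[it->second].success_after = true;
            continue;
        }
        std::deque<long>& win = fails[ev.src];
        win.push_back(ev.t);
        while (ev.t - win.front() > window_seconds) win.pop_front();  // drop expired failures
        if (static_cast<int>(win.size()) < threshold) continue;
        auto it = flagged.find(ev.src);
        if (it == flagged.end()) {
            out.push_back({ev.src, static_cast<int>(win.size()), win.front(), ev.t, false});
            flagged[ev.src] = out.size() - 1;
        } else {
            Finding& f = out[it->second];
            f.failures = std::max(f.failures, static_cast<int>(win.size()));
            f.last_t = ev.t;
        }
    }
    return out;
}

int main() {
    for (const Finding& f : find_bruteforce(kSampleLog, 60, 3)) {
        std::cout << f.src << ": " << f.failures << " failed logins between "
                  << f.first_t << "s and " << f.last_t << "s"
                  << (f.success_after ? ", then a successful login from the same address" : "")
                  << '\n';
    }
    return 0;
}
```

On the sample data with a 60-second window and a threshold of 3, only 203.0.113.5 is reported (four failures, then an accepted root login), while the single failure from 198.51.100.7 stays below the threshold. Shrinking the window to 5 seconds produces no finding, which is the knob an administrator would tune per server.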