Implementation of common attack techniques and detection of malicious binaries and executables using machine learning-based detector in Microsoft Windows environment

In digital networks, the most common goal of cybercriminals is to steal high-privilege credentials or valuable data. By obtaining high-privilege credentials, cybercriminals can easily navigate, destroy, or steal an organization's data, such as bank details, personal data, and intellectual properties. With the advent of information technology and operational technology convergence like the Internet of Things (IoT), it becomes more critical to protect high-privilege credentials, as cybercriminals can gain the power to control operational technologies such as industrial control systems (ICS) and supervisory control and data acquisition (SCADA). Unfortunately, even with this information, many organizations are easily susceptible to these attacks, especially manufacturing firms. This thesis presents how cybercriminals from the Internet can utilize malicious payloads and executables to compromise an organization. This thesis' attack methods emphasize how cybercriminals perform initial compromise, establish a foothold, escalate privileges, and move laterally within the organization using the compromised or stolen credentials. This thesis also shows how organizations can detect the malicious binaries and executables utilized in the attacks to protect their digital infrastructure from adversaries using machine learning (ML)-based detection. Doing so could help organizations be equipped with proper knowledge in understanding the underlying attack and, at the same time, implement a detection mechanism specific to the cybercriminals attacking their network.

Main Author: | Ladrido, John Martin M.
---|---
Format: | text
Language: | English
Published: | Animo Repository, 2021
Subjects: | Malware (Computer software); Computer crimes; Internet fraud; Machine learning; Computers—Access control—Passwords; Electrical and Computer Engineering
Online Access: | https://animorepository.dlsu.edu.ph/etdm_ece/10 ; https://animorepository.dlsu.edu.ph/context/etdm_ece/article/1006/viewcontent/ladrido2.pdf
Institution: | De La Salle University
id | oai:animorepository.dlsu.edu.ph:etdm_ece-1006
---|---
record_format | eprints
description | In digital networks, the most common goal of cybercriminals is to steal high-privilege credentials or valuable data. By obtaining high-privilege credentials, cybercriminals can easily navigate, destroy, or steal an organization's data, such as bank details, personal data, and intellectual properties. With the advent of information technology and operational technology convergence like the Internet of Things (IoT), it becomes more critical to protect high-privilege credentials, as cybercriminals can gain the power to control operational technologies such as industrial control systems (ICS) and supervisory control and data acquisition (SCADA). Unfortunately, even with this information, many organizations are easily susceptible to these attacks, especially manufacturing firms. This thesis presents how cybercriminals from the Internet can utilize malicious payloads and executables to compromise an organization. This thesis' attack methods emphasize how cybercriminals perform initial compromise, establish a foothold, escalate privileges, and move laterally within the organization using the compromised or stolen credentials. This thesis also shows how organizations can detect the malicious binaries and executables utilized in the attacks to protect their digital infrastructure from adversaries using machine learning (ML)-based detection. Doing so could help organizations be equipped with proper knowledge in understanding the underlying attack and, at the same time, implement a detection mechanism specific to the cybercriminals attacking their network.
institution | De La Salle University
building | De La Salle University Library
continent | Asia
country | Philippines
content_provider | De La Salle University Library
collection | DLSU Institutional Repository
language | English
topic | Malware (Computer software); Computer crimes; Internet fraud; Machine learning; Computers—Access control—Passwords; Electrical and Computer Engineering
format | text
author | Ladrido, John Martin M.
title | Implementation of common attack techniques and detection of malicious binaries and executables using machine learning-based detector in Microsoft Windows environment
publisher | Animo Repository
publishDate | 2021
url | https://animorepository.dlsu.edu.ph/etdm_ece/10 ; https://animorepository.dlsu.edu.ph/context/etdm_ece/article/1006/viewcontent/ladrido2.pdf