An Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack Vectors

An Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack Vectors

Advanced persistent threats pose a significant challenge for blue teams as they apply various attacks over prolonged periods, impeding event correlation and their detection. In this work, we leverage various diverse attack scenarios to assess the efficacy of EDRs against detecting and preventing APT...

Full description

Bibliographic Details
Main Authors:	George Karantzas, Constantinos Patsakis
Format:	Article
Language:	English
Published:	MDPI AG 2021-07-01
Series:	Journal of Cybersecurity and Privacy
Subjects:	advanced persistent threats EDR malware evasion
Online Access:	https://www.mdpi.com/2624-800X/1/3/21

Similar Items

A New Proposal on the Advanced Persistent Threat: A Survey
by: Santiago Quintero-Bonilla, et al.
Published: (2020-06-01)

Anteater: Advanced Persistent Threat Detection With Program Network Traffic Behavior
by: Yangzong Zhang, et al.
Published: (2024-01-01)

MVFCC: A Multi-View Fuzzy Consensus Clustering Model for Malware Threat Attribution
by: Hamed Haddadpajouh, et al.
Published: (2020-01-01)

Nation-State Threat Actor Attribution Using Fuzzy Hashing
by: Michal Kida, et al.
Published: (2023-01-01)

A review of threat modelling approaches for APT-style attacks
by: Matt Tatam, et al.
Published: (2021-01-01)

Detection and Classification of Advanced Persistent Threats and Attacks Using the Support Vector Machine
by: Wen-Lin Chu, et al.
Published: (2019-10-01)

A Novel Method for Detecting Advanced Persistent Threat Attack Based on Belief Rule Base
by: Guozhu Wang, et al.
Published: (2021-10-01)

Security Countermeasures of a SCIRAS Model for Advanced Malware Propagation
by: J. D. Hernandez Guillen, et al.
Published: (2019-01-01)

Advanced Persistent Threat (APT) and intrusion detection evaluation dataset for linux systems 2024
by: Syed Sohaib Karim, et al.
Published: (2024-06-01)

E-APTDetect: Early Advanced Persistent Threat Detection in Critical Infrastructures with Dynamic Attestation
by: Béla Genge, et al.
Published: (2023-03-01)

Evolutionary Game Theoretic Analysis of Advanced Persistent Threats Against Cloud Storage
by: Ahmed A. Alabdel Abass, et al.
Published: (2017-01-01)

A novel approach for detecting advanced persistent threats
by: Jaafer Al-Saraireh, et al.
Published: (2022-12-01)

Big knowledge-based semantic correlation for detecting slow and low-level advanced persistent threats
by: Amir Mohammadzade Lajevardi, et al.
Published: (2021-11-01)

Advanced Persistent Threats and Their Defense Methods in Industrial Internet of Things: A Survey
by: Chenquan Gan, et al.
Published: (2023-07-01)

An adaptive defense mechanism to prevent advanced persistent threats
by: Yi-xi Xie, et al.
Published: (2021-04-01)

Advanced Persistent Threat attack detection method in cloud computing based on autoencoder and softmax regression algorithm
by: Fargana J. Abdullayeva
Published: (2021-07-01)

Expert knowledge and data analysis for detecting advanced persistent threats
by: Moya Juan Ramón, et al.
Published: (2017-08-01)

A Review on Security of Smart Farming and Precision Agriculture: Security Aspects, Attacks, Threats and Countermeasures
by: Abbas Yazdinejad, et al.
Published: (2021-08-01)

Propagation of the Malware Used in APTs Based on Dynamic Bayesian Networks
by: Jose D. Hernandez Guillen, et al.
Published: (2021-11-01)

Hidden Markov Models and Alert Correlations for the Prediction of Advanced Persistent Threats
by: Ibrahim Ghafir, et al.
Published: (2019-01-01)

TIM: threat context-enhanced TTP intelligence mining on unstructured threat data
by: Yizhe You, et al.
Published: (2022-02-01)

An Intelligent System to Detect Advanced Persistent Threats in Industrial Internet of Things (I-IoT)
by: Safdar Hussain Javed, et al.
Published: (2022-02-01)

On Dynamic Recovery of Cloud Storage System Under Advanced Persistent Threats
by: Pengdeng Li, et al.
Published: (2019-01-01)

A prospective approach to detect advanced persistent threats: Utilizing hybrid optimization technique
by: Indra Kumari, et al.
Published: (2023-11-01)

Unravelling Ariadne’s Thread: Exploring the Threats of Decentralised DNS
by: Constantinos Patsakis, et al.
Published: (2020-01-01)

Utilizing Cyber Threat Hunting Techniques to Find Ransomware Attacks: A Survey of the State of the Art
by: Fatimah Aldauiji, et al.
Published: (2022-01-01)

Potential Risk Analysis Method for Malware Distribution Networks
by: Dohoon Kim
Published: (2019-01-01)

Effects of Removing User-Land Hooks in Endpoint Protection During Attack Experiments
by: Trevor M. Lewis, et al.
Published: (2024-01-01)

A flexible approach for cyber threat hunting based on kernel audit records
by: Fengyu Yang, et al.
Published: (2022-06-01)

Security Requirement Recommendation Method Using Case-Based Reasoning to Prevent Advanced Persistent Threats
by: Ji-Wook Jung, et al.
Published: (2023-01-01)

Analysis and Characterization of Cyber Threats Leveraging the MITRE ATT&CK Database
by: Bader Al-Sada, et al.
Published: (2024-01-01)

A Feasibility Study on Evasion Attacks Against NLP-Based Macro Malware Detection Algorithms
by: Mamoru Mimura, et al.
Published: (2023-01-01)

Honeypot game‐theoretical model for defending against APT attacks with limited resources in cyber‐physical systems
by: Wen Tian, et al.
Published: (2019-09-01)

Black-Box Evasion Attack Method Based on Confidence Score of Benign Samples
by: Shaohan Wu, et al.
Published: (2023-05-01)

Advanced techniques in the analysis of traffic accidents
by: Bodolo Ištvan
Published: (2023-01-01)

Trends in Malware Attacks against United States Healthcare Organizations, 2016-2017
by: Lauren E Branch, et al.
Published: (2019-02-01)

Enhanced detection of obfuscated malware in memory dumps: a machine learning approach for advanced cybersecurity
by: Md. Alamgir Hossain, et al.
Published: (2024-01-01)

BAN: Predicting APT Attack Based on Bayesian Network With MITRE ATT&CK Framework
by: Youngjoon Kim, et al.
Published: (2023-01-01)

Under false flag: using technical artifacts for cyber attack attribution
by: Florian Skopik, et al.
Published: (2020-03-01)

Design of Vital Sign Monitor with ECG, BPM, and Respiration Rate Parameters
by: Gede Aditya Mahendra Oka, et al.
Published: (2021-02-01)