PowerDP: De-Obfuscating and Profiling Malicious PowerShell Commands With Multi-Label Classifiers

In recent years, PowerShell has become the common tool that helps attackers launch targeted attacks using living-off-the-land tactics and fileless attack techniques. Unfortunately, malware-derived PowerShell Commands (PSCmds) have typically been obfuscated to hide the malicious intent from detection...

Bibliographic Details
Main Authors: Meng-Han Tsai, Chia-Ching Lin, Zheng-Gang He, Wei-Chieh Yang, Chin-Laung Lei
Format: Article
Language: English
Published: IEEE 2023-01-01
Series: IEEE Access
Online Access: https://ieeexplore.ieee.org/document/9999441/