Effects of Removing User-Land Hooks in Endpoint Protection During Attack Experiments

Effects of Removing User-Land Hooks in Endpoint Protection During Attack Experiments

This paper conducts research on current-generation Endpoint Detection and Response (EDR) solution design that identifies fundamental gaps in the prevention and detection of malicious cyber techniques. These fundamental gaps are the result of using “user-land hooks” or &#x20...

Full description

Bibliographic Details
Main Authors:	Trevor M. Lewis, Bhaskar P. Rimal
Format:	Article
Language:	English
Published:	IEEE 2024-01-01
Series:	IEEE Access
Subjects:	API hooking ATT&CK ATT&CK technique experimentation EDR endpoint detection and response endpoint protection
Online Access:	https://ieeexplore.ieee.org/document/10412066/

Similar Items

Toward Effective Evaluation of Cyber Defense: Threat Based Adversary Emulation Approach
by: Abdul Basit Ajmal, et al.
Published: (2023-01-01)

Advanced Persistent Threat (APT) and intrusion detection evaluation dataset for linux systems 2024
by: Syed Sohaib Karim, et al.
Published: (2024-06-01)

Dynamic Risk Assessment and Analysis Framework for Large-Scale Cyber-Physical Systems
by: Adeel A. Malik, et al.
Published: (2022-01-01)

CVE2ATT&CK: BERT-Based Mapping of CVEs to MITRE ATT&CK Techniques
by: Octavian Grigorescu, et al.
Published: (2022-08-01)

Multiontology Construction and Application of Threat Model Based on Adversarial Attack and Defense Under ISO/IEC 27032
by: Xuan Hu, et al.
Published: (2022-01-01)

Malicious File Detection Method Using Machine Learning and Interworking with MITRE ATT&CK Framework
by: Gwanghyun Ahn, et al.
Published: (2022-10-01)

Exploiting TTP Co-Occurrence via GloVe-Based Embedding With MITRE ATT&CK Framework
by: Chanho Shin, et al.
Published: (2023-01-01)

SBI Model for the Detection of Advanced Persistent Threat Based on Strange Behavior of Using Credential Dumping Technique
by: Nachaat Mohamed, et al.
Published: (2021-01-01)

Similarity Analysis of Ransomware Attacks Based on ATT&CK Matrix
by: Zheyu Song, et al.
Published: (2023-01-01)

Research on Cyber ISR Visualization Method Based on BGP Archive Data through Hacking Case Analysis of North Korean Cyber-Attack Groups
by: Jaepil Youn, et al.
Published: (2022-12-01)

Key Requirements for the Detection and Sharing of Behavioral Indicators of Compromise
by: Antonio Villalón-Huerta, et al.
Published: (2022-01-01)

Camp2Vec: Embedding cyber campaign with ATT&CK framework for attack group analysis
by: Insup Lee, et al.
Published: (2023-12-01)

Defining the end point of drug therapy in tuberculosis of spine: Analysis of 76 cases in a tertiary care centre
by: Aayush Bhargava, et al.
Published: (2024-01-01)

A Survey of MulVAL Extensions and Their Attack Scenarios Coverage
by: David Tayouri, et al.
Published: (2023-01-01)

Fronesis: Digital Forensics-Based Early Detection of Ongoing Cyber-Attacks
by: Athanasios Dimitriadis, et al.
Published: (2023-01-01)

Evaluation of a Cyber Risk Assessment Approach for Cyber–Physical Systems: Maritime- and Energy-Use Cases
by: Ahmed Amro, et al.
Published: (2023-03-01)

Assessment of the Distributed Ledger Technology for Energy Sector Industrial and Operational Applications Using the MITRE ATT&CK® ICS Matrix
by: Annabelle Lee, et al.
Published: (2023-01-01)

Assessing MITRE ATT&CK Risk Using a Cyber-Security Culture Framework
by: Anna Georgiadou, et al.
Published: (2021-05-01)

BAN: Predicting APT Attack Based on Bayesian Network With MITRE ATT&CK Framework
by: Youngjoon Kim, et al.
Published: (2023-01-01)

Cyberattack Models for Ship Equipment Based on the MITRE ATT&CK Framework
by: Yonghyun Jo, et al.
Published: (2022-02-01)

A Taxonomy for Threat Actors’ Delivery Techniques
by: Antonio Villalón-Huerta, et al.
Published: (2022-04-01)

Assessing Cyber Risks of an INS Using the MITRE ATT&CK Framework
by: Aybars Oruc, et al.
Published: (2022-11-01)

Offensive Security: Towards Proactive Threat Hunting via Adversary Emulation
by: Abdul Basit Ajmal, et al.
Published: (2021-01-01)

A Threat Hunting Framework for Industrial Control Systems
by: Zahra Jadidi, et al.
Published: (2021-01-01)

Introducing the UWF-ZeekDataFall22 Dataset to Classify Attack Tactics from Zeek Conn Logs Using Spark’s Machine Learning in a Big Data Framework
by: Sikha S. Bagui, et al.
Published: (2023-12-01)

Analysis and Characterization of Cyber Threats Leveraging the MITRE ATT&CK Database
by: Bader Al-Sada, et al.
Published: (2024-01-01)

Using a Graph Engine to Visualize the Reconnaissance Tactic of the MITRE ATT&CK Framework from UWF-ZeekData22
by: Sikha S. Bagui, et al.
Published: (2023-07-01)

Pulmonary tuberculosis as differential diagnosis of lung cancer
by: MLB Bhatt, et al.
Published: (2012-07-01)

Introducing UWF-ZeekData22: A Comprehensive Network Traffic Dataset Based on the MITRE ATT&CK Framework
by: Sikha S. Bagui, et al.
Published: (2023-01-01)

Study of methods for endpoint aware inspection in a next generation firewall
by: Jenny Heino, et al.
Published: (2022-09-01)

A study on factors leading to treatment interruption among TB patients at GHTM
by: R Sridhar, et al.
Published: (2018-01-01)

T-SPOT: A STEP AHEAD!
by: Sadia Hameed, et al.
Published: (2020-02-01)

Path-ATT-CNN: A Novel Deep Neural Network Method for Key Pathway Identification of Lung Cancer
by: Lin Yuan, et al.
Published: (2022-06-01)

Surrogate endpoints in trials: a call for better reporting
by: Oriana Ciani, et al.
Published: (2022-12-01)

Role of degree and weighted coreness based on endpoints in link prediction
by: Jiaqi Hao, et al.
Published: (2022-10-01)

Surrogate endpoint evaluation using data from one large global randomized controlled trial
by: Milan Geybels, et al.
Published: (2021-05-01)

When do we need clinical endpoint adjudication in clinical trials?
by: Claes Held
Published: (2019-01-01)

Entre armas leves e a regulamentação internacional: para que lado o Brasil dirige uma política pública?
by: Cristiano Armando Diniz Guerra Silvestre, et al.
Published: (2016-08-01)

Guidewire Endpoint Detection Based on Pixel‐Adjacent Relation during Robot‐Assisted Intravascular Catheterization: In Vivo Mammalian Models
by: Wenjing Du, et al.
Published: (2024-04-01)

A duplex endpoint PCR assay for rapid detection and differentiation of Leptospira strains
by: Douadi Benacer, et al.