Machine Learning and Feature Engineering for Detecting Living off the Land Attacks

Cited by: 0
Authors
Boros, Tiberiu [1]
Cotaie, Andrei [1]
Stan, Antrei [1]
Vikramjeet, Kumar [2]
Malik, Vivek [2]
Davidson, Joseph [2]
Affiliations
[1] Adobe Syst, Bucharest, Romania
[2] Adobe Syst, San Jose, CA USA
Source
PROCEEDINGS OF THE 7TH INTERNATIONAL CONFERENCE ON INTERNET OF THINGS, BIG DATA AND SECURITY (IOTBDS) | 2022
Keywords
Machine Learning; Living-off-the-Land (LotL); Feature Engineering; Artificial Intelligence; Random Forest; Commands; CommandLine; OpenSource; Linux;
DOI
10.5220/0011004500003194
Chinese Library Classification
TP301 [Theory, methods];
Discipline code
081202;
Abstract
Among the methods used by attackers to avoid detection, living off the land is particularly hard to detect. One of the main reasons is the thin line between what is actually operational/admin activity and what is malicious activity. Also, as shown by other research, this type of attack detection is underrepresented in Anti-Virus (AV) software, mainly because of the high risk of false positives. Our research focuses on detecting this type of attack through the use of machine learning. We greatly reduce the number of false detections through corpus design and specialized feature engineering that brings in in-domain human expert knowledge. Our code is open-source and we provide pre-trained models.
Pages: 133 / 140
Page count: 8