Machine Learning and Feature Engineering for Detecting Living off the Land Attacks

Cited by: 0
Authors
Boros, Tiberiu [1 ]
Cotaie, Andrei [1 ]
Stan, Antrei [1 ]
Vikramjeet, Kumar [2 ]
Malik, Vivek [2 ]
Davidson, Joseph [2 ]
Affiliations
[1] Adobe Syst, Bucharest, Romania
[2] Adobe Syst, San Jose, CA USA
Source
PROCEEDINGS OF THE 7TH INTERNATIONAL CONFERENCE ON INTERNET OF THINGS, BIG DATA AND SECURITY (IOTBDS) | 2022
Keywords
Machine Learning; Living-off-the-Land (LotL); Feature Engineering; Artificial Intelligence; Random Forest; Commands; CommandLine; OpenSource; Linux;
DOI
10.5220/0011004500003194
CLC classification number
TP301 [Theory, Methods];
Discipline classification code
081202;
Abstract
Among the methods attackers use to avoid detection, living off the land is particularly hard to detect. One of the main reasons is the thin line between what is actually operational/admin activity and what is malicious activity. Also, as shown by other research, detection of this type of attack is underrepresented in Anti-Virus (AV) software, mainly because of the high risk of false positives. Our research focuses on detecting this type of attack through the use of machine learning. We greatly reduce the number of false detections through corpus design and specialized feature engineering that brings in in-domain human expert knowledge. Our code is open-source and we provide pre-trained models.
Pages: 133 / 140
Page count: 8