Machine Learning and Feature Engineering for Detecting Living off the Land Attacks

Cited by: 0
Authors
Boros, Tiberiu [1 ]
Cotaie, Andrei [1 ]
Stan, Antrei [1 ]
Vikramjeet, Kumar [2 ]
Malik, Vivek [2 ]
Davidson, Joseph [2 ]
Affiliations
[1] Adobe Syst, Bucharest, Romania
[2] Adobe Syst, San Jose, CA USA
Source
PROCEEDINGS OF THE 7TH INTERNATIONAL CONFERENCE ON INTERNET OF THINGS, BIG DATA AND SECURITY (IOTBDS) | 2022
Keywords
Machine Learning; Living-off-the-Land (LotL); Feature Engineering; Artificial Intelligence; Random Forest; Commands; CommandLine; OpenSource; Linux;
DOI
10.5220/0011004500003194
Chinese Library Classification
TP301 [Theory, methods];
Discipline classification code
081202;
Abstract
Among the methods attackers use to avoid detection, living off the land is particularly hard to detect. One of the main reasons is the thin line between what is actually operational/admin activity and what is malicious activity. Also, as shown by other research, detection of this type of attack is underrepresented in Anti-Virus (AV) software, mainly because of the high risk of false positives. Our research focuses on detecting this type of attack through the use of machine learning. We greatly reduce the number of false detections through corpus design and specialized feature engineering that brings in in-domain human expert knowledge. Our code is open-source and we provide pre-trained models.
Pages: 133 / 140
Page count: 8