dc.contributor.author | Yamin, Muhammad Mudassar | |
dc.contributor.author | Katt, Basel | |
dc.contributor.author | Gkioulos, Vasileios | |
dc.date.accessioned | 2019-10-24T11:09:46Z | |
dc.date.available | 2019-10-24T11:09:46Z | |
dc.date.created | 2019-05-27T13:21:17Z | |
dc.date.issued | 2019 | |
dc.identifier.issn | 2367-3370 | |
dc.identifier.uri | http://hdl.handle.net/11250/2624131 | |
dc.description.abstract | This article presents a novel algorithm for the detection of exploit chains in a Windows based environment. An exploit chain is a group of exploits that executes synchronously, in order to achieve the system exploitation. Unlike high-risk vulnerabilities that allow system exploitation using only one execution step, an exploit chain takes advantage of multiple medium and low risk vulnerabilities. These are grouped, in order to form a chain of exploits that when executed achieve the exploitation of the system. Experiments were performed to check the effectiveness of developed algorithm against multiple anti-virus/anti-malware solutions available in the market. | nb_NO |
dc.language.iso | eng | nb_NO |
dc.publisher | Springer Verlag | nb_NO |
dc.title | Detecting Windows Based Exploit Chains by Means of Event Correlation and Process Monitoring | nb_NO |
dc.type | Journal article | nb_NO |
dc.type | Peer reviewed | nb_NO |
dc.description.version | acceptedVersion | nb_NO |
dc.source.volume | 70 LNNS | nb_NO |
dc.source.journal | Lecture Notes in Networks and Systems | nb_NO |
dc.identifier.doi | 10.1007/978-3-030-12385-7_73 | |
dc.identifier.cristin | 1700488 | |
dc.description.localcode | This is a post-peer-review, pre-copyedit version of an article published in [Lecture Notes in Networks and Systems] Locked until 2.2.2020due to copyright restrictions. The final authenticated version is available online at: https://doi.org/10.1007/978-3-030-12385-7_73 | nb_NO |
cristin.unitcode | 194,63,30,0 | |
cristin.unitname | Institutt for informasjonssikkerhet og kommunikasjonsteknologi | |
cristin.ispublished | true | |
cristin.fulltext | postprint | |
cristin.qualitycode | 1 | |