Other formats:
BibTeX
LaTeX
RIS
@inproceedings{44228,
  author = {Husák, Martin and Apruzzese, Giovanni and Yang, Shanchieh and Werner, Gordon},
  address = {Bordeaux},
  booktitle = {2021 IFIP/IEEE International Symposium on Integrated Network Management (IM)},
  keywords = {Pivoting;Lateral Movement;Machine Learning;Flow Inspection;Intrusion Detection},
  howpublished = {elektronická verze "online"},
  language = {eng},
  location = {Bordeaux},
  isbn = {978-3-903176-32-4},
  pages = {980-985},
  publisher = {IEEE},
  title = {Towards an Efficient Detection of Pivoting Activity},
  url = {https://ieeexplore.ieee.org/document/9464033},
  year = {2021}
}
TY - JOUR
ID - 44228
AU - Husák, Martin - Apruzzese, Giovanni - Yang, Shanchieh - Werner, Gordon
PY - 2021
TI - Towards an Efficient Detection of Pivoting Activity
PB - IEEE
CY - Bordeaux
SN - 9783903176324
KW - Pivoting;Lateral Movement;Machine Learning;Flow Inspection;Intrusion Detection
UR - https://ieeexplore.ieee.org/document/9464033
N2 - Pivoting is a technique used by cyber attackers to exploit the privileges of compromised hosts in order to reach their final target. Existing research on countering this menace is only effective for pivoting activities spanning within the internal network perimeter. When applying existing methods to include external traffic, the detection algorithm produces overwhelming entries, most of which unrelated to pivoting. We address this problem by identifying the major characteristics that are specific to potentially malicious pivoting. Our analysis combines human expertise with machine learning and is based on the inspection of real network traffic generated by a large organization. The final goal is the reduction of the unacceptable amounts of false positives generated by the state of the art methods. This paper paves the way for future researches aimed at countering the critical menace of illegitimate pivoting activities.
ER -
HUSÁK, Martin, Giovanni APRUZZESE, Shanchieh YANG and Gordon WERNER. Towards an Efficient Detection of Pivoting Activity. Online. In \textit{2021 IFIP/IEEE International Symposium on Integrated Network Management (IM)}. Bordeaux: IEEE, 2021, pp.~980-985. ISBN~978-3-903176-32-4.