Deep Dive into Hunting for LotLs Using Machine Learning and Feature Engineering

Tiberiu Boros; Andrei Cotaie

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Deep Dive into Hunting for LotLs Using Machine Learning and Feature Engineering

Topics: Algorithms, software engineering and development; Intrusion and detection techniques

In Proceedings of the 8th International Conference on Internet of Things, Big Data and Security IoTBDS - Volume 1, 194-199, 2023 , Prague, Czech Republic

Authors: Tiberiu Boros ¹ and Andrei Cotaie ²

Affiliations: ¹ Security Coordination Center, Adobe Systems, Bucharest, Romania ; ² Security Operations, UIPath, Bucharest, Romania

Keyword(s): Machine Learning, Feature Engineering, Living Off the Land Attacks.

Abstract: Living off the Land (LotL) is a well-known method in which attackers use pre-existing tools distributed with the operating system to perform their attack/lateral movement. LotL enables them to blend in along side sysadmin operations, thus making it particularly difficult to spot this type of activity. Our work is centered on detecting LotL via Machine Learning and Feature Engineering while keeping the number of False Positives to a minimum. The work described here is implemented in an open-source tool that is provided under the Apache 2.0 License, along side pre-trained models.

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 3.16.54.63

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Boros, T. and Cotaie, A. (2023). Deep Dive into Hunting for LotLs Using Machine Learning and Feature Engineering. In Proceedings of the 8th International Conference on Internet of Things, Big Data and Security - IoTBDS; ISBN 978-989-758-643-9; ISSN 2184-4976, SciTePress, pages 194-199. DOI: 10.5220/0011968700003482

@conference{iotbds23,
author={Tiberiu Boros. and Andrei Cotaie.},
title={Deep Dive into Hunting for LotLs Using Machine Learning and Feature Engineering},
booktitle={Proceedings of the 8th International Conference on Internet of Things, Big Data and Security - IoTBDS},
year={2023},
pages={194-199},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011968700003482},
isbn={978-989-758-643-9},
issn={2184-4976},
}

TY - CONF

JO - Proceedings of the 8th International Conference on Internet of Things, Big Data and Security - IoTBDS
TI - Deep Dive into Hunting for LotLs Using Machine Learning and Feature Engineering
SN - 978-989-758-643-9
IS - 2184-4976
AU - Boros, T.
AU - Cotaie, A.
PY - 2023
SP - 194
EP - 199
DO - 10.5220/0011968700003482
PB - SciTePress