FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W3096129012> ?p ?o ?g. }

• W3096129012 endingPage "19" @default.
• W3096129012 startingPage "9" @default.
• W3096129012 abstract "Detecting cyber threats has been an on-going research endeavor. In this era, Advanced Persistent Threats (APTs) can incur significant costs for organizations and businesses. The ultimate goal of cybersecurity is to thwart attackers from achieving their malicious intent, whether it is credential stealing, infrastructure takeover, or program sabotage. Every cyber attack goes through several stages before its termination. Lateral Movement (LM) is one of those stages that is of particular importance. Remote Desktop Protocol (RDP) is a method used in LM to successfully authenticate to an unauthorized host that leaves footprints on both host and network logs. In this paper, we propose to detect evidence of LM using Machine Learning (ML) and Windows RDP event logs. We explore different feature sets extracted from these logs and evaluate various supervised ML techniques for classifying RDP sessions with high precision and recall. We also compare the performance of our proposed approach to a state-of-the-art approach and demonstrate that our ML model outperforms in classifying RDP sessions in Windows event logs. In addition, we show that our model is robust against certain types of adversarial attacks." @default.
• W3096129012 created "2020-11-09" @default.
• W3096129012 creator A5033007169 @default.
• W3096129012 creator A5038723583 @default.
• W3096129012 creator A5039801401 @default.
• W3096129012 creator A5054077020 @default.
• W3096129012 creator A5062253146 @default.
• W3096129012 creator A5085391652 @default.
• W3096129012 date "2021-01-01" @default.
• W3096129012 modified "2023-09-29" @default.
• W3096129012 title "RDP-based Lateral Movement detection using Machine Learning" @default.
• W3096129012 cites W1226496485 @default.
• W3096129012 cites W1985663105 @default.
• W3096129012 cites W2018061979 @default.
• W3096129012 cites W2065323196 @default.
• W3096129012 cites W2066832805 @default.
• W3096129012 cites W2070375960 @default.
• W3096129012 cites W2077488147 @default.
• W3096129012 cites W2101109743 @default.
• W3096129012 cites W2125908420 @default.
• W3096129012 cites W2167240430 @default.
• W3096129012 cites W2308766372 @default.
• W3096129012 cites W2342249984 @default.
• W3096129012 cites W2342850280 @default.
• W3096129012 cites W2408793237 @default.
• W3096129012 cites W2738046073 @default.
• W3096129012 cites W2765664114 @default.
• W3096129012 cites W2783034914 @default.
• W3096129012 cites W2804964061 @default.
• W3096129012 cites W2809684781 @default.
• W3096129012 cites W2890352274 @default.
• W3096129012 cites W433644524 @default.
• W3096129012 doi "https://doi.org/10.1016/j.comcom.2020.10.013" @default.
• W3096129012 hasPublicationYear "2021" @default.
• W3096129012 type Work @default.
• W3096129012 sameAs 3096129012 @default.
• W3096129012 citedByCount "9" @default.
• W3096129012 countsByYear W30961290122021 @default.
• W3096129012 countsByYear W30961290122022 @default.
• W3096129012 countsByYear W30961290122023 @default.
• W3096129012 crossrefType "journal-article" @default.
• W3096129012 hasAuthorship W3096129012A5033007169 @default.
• W3096129012 hasAuthorship W3096129012A5038723583 @default.
• W3096129012 hasAuthorship W3096129012A5039801401 @default.
• W3096129012 hasAuthorship W3096129012A5054077020 @default.
• W3096129012 hasAuthorship W3096129012A5062253146 @default.
• W3096129012 hasAuthorship W3096129012A5085391652 @default.
• W3096129012 hasConcept C106159729 @default.
• W3096129012 hasConcept C11413529 @default.
• W3096129012 hasConcept C119857082 @default.
• W3096129012 hasConcept C121332964 @default.
• W3096129012 hasConcept C126831891 @default.
• W3096129012 hasConcept C138885662 @default.
• W3096129012 hasConcept C142724271 @default.
• W3096129012 hasConcept C154945302 @default.
• W3096129012 hasConcept C162324750 @default.
• W3096129012 hasConcept C18903297 @default.
• W3096129012 hasConcept C204787440 @default.
• W3096129012 hasConcept C207609745 @default.
• W3096129012 hasConcept C2776401178 @default.
• W3096129012 hasConcept C2777810591 @default.
• W3096129012 hasConcept C2779662365 @default.
• W3096129012 hasConcept C2780385302 @default.
• W3096129012 hasConcept C38652104 @default.
• W3096129012 hasConcept C41008148 @default.
• W3096129012 hasConcept C41895202 @default.
• W3096129012 hasConcept C48103436 @default.
• W3096129012 hasConcept C62520636 @default.
• W3096129012 hasConcept C71924100 @default.
• W3096129012 hasConcept C86803240 @default.
• W3096129012 hasConceptScore W3096129012C106159729 @default.
• W3096129012 hasConceptScore W3096129012C11413529 @default.
• W3096129012 hasConceptScore W3096129012C119857082 @default.
• W3096129012 hasConceptScore W3096129012C121332964 @default.
• W3096129012 hasConceptScore W3096129012C126831891 @default.
• W3096129012 hasConceptScore W3096129012C138885662 @default.
• W3096129012 hasConceptScore W3096129012C142724271 @default.
• W3096129012 hasConceptScore W3096129012C154945302 @default.
• W3096129012 hasConceptScore W3096129012C162324750 @default.
• W3096129012 hasConceptScore W3096129012C18903297 @default.
• W3096129012 hasConceptScore W3096129012C204787440 @default.
• W3096129012 hasConceptScore W3096129012C207609745 @default.
• W3096129012 hasConceptScore W3096129012C2776401178 @default.
• W3096129012 hasConceptScore W3096129012C2777810591 @default.
• W3096129012 hasConceptScore W3096129012C2779662365 @default.
• W3096129012 hasConceptScore W3096129012C2780385302 @default.
• W3096129012 hasConceptScore W3096129012C38652104 @default.
• W3096129012 hasConceptScore W3096129012C41008148 @default.
• W3096129012 hasConceptScore W3096129012C41895202 @default.
• W3096129012 hasConceptScore W3096129012C48103436 @default.
• W3096129012 hasConceptScore W3096129012C62520636 @default.
• W3096129012 hasConceptScore W3096129012C71924100 @default.
• W3096129012 hasConceptScore W3096129012C86803240 @default.
• W3096129012 hasFunder F4320313506 @default.
• W3096129012 hasFunder F4320321487 @default.
• W3096129012 hasLocation W30961290121 @default.
• W3096129012 hasOpenAccess W3096129012 @default.
• W3096129012 hasPrimaryLocation W30961290121 @default.

• next