FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W3168421845> ?p ?o ?g. }

• W3168421845 endingPage "27" @default.
• W3168421845 startingPage "3" @default.
• W3168421845 abstract "We present a large-scale characterization of attacker activity across 111 real-world enterprise organizations. We develop a novel forensic technique for distinguishing between attacker activity and benign activity in compromised enterprise accounts that yields few false positives and enables us to perform fine-grained analysis of attacker behavior. Applying our methods to a set of 159 compromised enterprise accounts, we quantify the duration of time attackers are active in accounts and examine thematic patterns in how attackers access and leverage these hijacked accounts. We find that attackers frequently dwell in accounts for multiple days to weeks, suggesting that delayed (non-real-time) detection can still provide significant value. Based on an analysis of the attackers’ timing patterns, we observe two distinct modalities in how attackers access compromised accounts, which could be explained by the existence of a specialized market for hijacked enterprise accounts: where one class of attackers focuses on compromising and selling account access to another class of attackers who exploit the access such hijacked accounts provide. Ultimately, our analysis sheds light on the state of enterprise account hijacking and highlights fruitful directions for a broader space of detection methods, ranging from new features that hone in on malicious account behavior to the development of non-real-time detection methods that leverage malicious activity after an attack’s initial point of compromise to more accurately identify attacks." @default.
• W3168421845 created "2021-06-22" @default.
• W3168421845 creator A5012294284 @default.
• W3168421845 creator A5032570570 @default.
• W3168421845 creator A5058692226 @default.
• W3168421845 creator A5062174672 @default.
• W3168421845 creator A5075060493 @default.
• W3168421845 creator A5079564308 @default.
• W3168421845 date "2020-01-01" @default.
• W3168421845 modified "2023-10-18" @default.
• W3168421845 title "A Large-Scale Analysis of Attacker Activity in Compromised Enterprise Accounts" @default.
• W3168421845 cites W1442570287 @default.
• W3168421845 cites W2002964284 @default.
• W3168421845 cites W2031955211 @default.
• W3168421845 cites W2035015614 @default.
• W3168421845 cites W2039414135 @default.
• W3168421845 cites W2059621117 @default.
• W3168421845 cites W2068462258 @default.
• W3168421845 cites W2134750673 @default.
• W3168421845 cites W2155743899 @default.
• W3168421845 cites W2159179292 @default.
• W3168421845 cites W2416111155 @default.
• W3168421845 cites W2550183133 @default.
• W3168421845 cites W2745049536 @default.
• W3168421845 cites W2765227388 @default.
• W3168421845 cites W2891807831 @default.
• W3168421845 cites W2914845368 @default.
• W3168421845 cites W3168421845 @default.
• W3168421845 doi "https://doi.org/10.1007/978-3-030-59621-7_1" @default.
• W3168421845 hasPublicationYear "2020" @default.
• W3168421845 type Work @default.
• W3168421845 sameAs 3168421845 @default.
• W3168421845 citedByCount "1" @default.
• W3168421845 countsByYear W31684218452020 @default.
• W3168421845 crossrefType "book-chapter" @default.
• W3168421845 hasAuthorship W3168421845A5012294284 @default.
• W3168421845 hasAuthorship W3168421845A5032570570 @default.
• W3168421845 hasAuthorship W3168421845A5058692226 @default.
• W3168421845 hasAuthorship W3168421845A5062174672 @default.
• W3168421845 hasAuthorship W3168421845A5075060493 @default.
• W3168421845 hasAuthorship W3168421845A5079564308 @default.
• W3168421845 hasBestOaLocation W31684218452 @default.
• W3168421845 hasConcept C121332964 @default.
• W3168421845 hasConcept C153083717 @default.
• W3168421845 hasConcept C154945302 @default.
• W3168421845 hasConcept C165696696 @default.
• W3168421845 hasConcept C177264268 @default.
• W3168421845 hasConcept C199360897 @default.
• W3168421845 hasConcept C2777212361 @default.
• W3168421845 hasConcept C2778755073 @default.
• W3168421845 hasConcept C38652104 @default.
• W3168421845 hasConcept C41008148 @default.
• W3168421845 hasConcept C62520636 @default.
• W3168421845 hasConcept C64869954 @default.
• W3168421845 hasConceptScore W3168421845C121332964 @default.
• W3168421845 hasConceptScore W3168421845C153083717 @default.
• W3168421845 hasConceptScore W3168421845C154945302 @default.
• W3168421845 hasConceptScore W3168421845C165696696 @default.
• W3168421845 hasConceptScore W3168421845C177264268 @default.
• W3168421845 hasConceptScore W3168421845C199360897 @default.
• W3168421845 hasConceptScore W3168421845C2777212361 @default.
• W3168421845 hasConceptScore W3168421845C2778755073 @default.
• W3168421845 hasConceptScore W3168421845C38652104 @default.
• W3168421845 hasConceptScore W3168421845C41008148 @default.
• W3168421845 hasConceptScore W3168421845C62520636 @default.
• W3168421845 hasConceptScore W3168421845C64869954 @default.
• W3168421845 hasLocation W31684218451 @default.
• W3168421845 hasLocation W31684218452 @default.
• W3168421845 hasLocation W31684218453 @default.
• W3168421845 hasOpenAccess W3168421845 @default.
• W3168421845 hasPrimaryLocation W31684218451 @default.
• W3168421845 hasRelatedWork W2135486170 @default.
• W3168421845 hasRelatedWork W2331043530 @default.
• W3168421845 hasRelatedWork W2335214039 @default.
• W3168421845 hasRelatedWork W2374820792 @default.
• W3168421845 hasRelatedWork W2397135192 @default.
• W3168421845 hasRelatedWork W2798029542 @default.
• W3168421845 hasRelatedWork W2964604098 @default.
• W3168421845 hasRelatedWork W2997512100 @default.
• W3168421845 hasRelatedWork W3048799479 @default.
• W3168421845 hasRelatedWork W3128070938 @default.
• W3168421845 isParatext "false" @default.
• W3168421845 isRetracted "false" @default.
• W3168421845 magId "3168421845" @default.
• W3168421845 workType "book-chapter" @default.