{"title":"Defeating Modern Day Anti-Viruses for Defense Evaluation","authors":"Abdul Basit Ajmal, Shawal Khan, Farhana Jabeen","doi":"10.1109/FIT57066.2022.00054","DOIUrl":null,"url":null,"abstract":"A system without an antivirus is just like a house with an open door. The majority of attacks aim to compromise the endpoint. Anti-virus (AV) is used at the endpoint in conjunction with the firewall. With the increase in sophisticated attacks, many advancements have been made in AV. Now we see modern AV in the form of Endpoint Detection & Response (EDR). However, threat actors are still successful in evading EDR. Past research focuses on preventive measures in security rather than investigating how the attack surface is increasing and AV won't help in defending our system. In this paper, we will present some techniques that can be used to evade modern-day next-generation AV. This research aims to help penetration testers and security researchers see how an advanced AV can be bypassed.","PeriodicalId":102958,"journal":{"name":"2022 International Conference on Frontiers of Information Technology (FIT)","volume":"16 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 International Conference on Frontiers of Information Technology (FIT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/FIT57066.2022.00054","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Defeating Modern Day Anti-Viruses for Defense Evaluation
A system without an antivirus is just like a house with an open door. The majority of attacks aim to compromise the endpoint. Anti-virus (AV) is used at the endpoint in conjunction with the firewall. With the increase in sophisticated attacks, many advancements have been made in AV. Now we see modern AV in the form of Endpoint Detection & Response (EDR). However, threat actors are still successful in evading EDR. Past research focuses on preventive measures in security rather than investigating how the attack surface is increasing and AV won't help in defending our system. In this paper, we will present some techniques that can be used to evade modern-day next-generation AV. This research aims to help penetration testers and security researchers see how an advanced AV can be bypassed.