Arthur Grisel-Davy 2024-09-05 13:02:32 -04:00
parent b7b611e637
commit 728770aea7
4 changed files with 26 additions and 0 deletions


@ -29,7 +29,18 @@
#slide(title:"State of the IDS")[
// Process masquerading is trivialy posible and used by many attacks (Mitre AttCK list)
#line-by-line[
- #text(weight:"bold")[Known Attacks] #cite(label("mitre_masquerade"), supplement:"MITRE"): AcroRD32.exe (Adobe), kb-10233.exe (Windows Update), mfevtpse.exe (McAfee).
- #text(weight:"bold")[Technics:]
- #box(baseline: 60%, height:2em, image("images/linux.svg", height:100%)): Bind Mounts @mount, #text(fill:red)[find more]
- #box(baseline: 60%, height:2em, image("images/windows.svg", height:100%)): msdtc.exe , #text(fill:red)[find more]
]
]
#slide(title:"State of the IDS")[
// Countermeasure to process masquerading
Listed by MITRE|ATT&CK:
@ -85,4 +96,5 @@ Power is:
]
#slide(title:"Future Developements")[
#bibliography("biblio.yml")
]
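Review bot: The first item on the new "State of the IDS" slide labels `AcroRD32.exe`, `kb-10233.exe` and `mfevtpse.exe` as "Known Attacks", but next to the MITRE citation they read as file names that masquerading processes borrowed from legitimate software, so a heading such as `#text(weight:"bold")[Masqueraded names seen in attacks]` would say what the list actually holds. The same applies to `msdtc.exe` under "Technics:" (which should read `Techniques:`): it is an executable name rather than a technique, unlike the bind-mount entry above it. The two red `#text(fill:red)[find more]` placeholders are still in the slide body and should be resolved or moved into a `//` comment before the deck is presented. Which lines are new cannot be told from the rendered page, so this assumes the whole first slide is added.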