Article

An Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack Vectors

1 Department of Informatics, University of Piraeus, 80 Karaoli & Dimitriou Str., 18534 Piraeus, Greece
2 Information Management Systems Institute, Athena Research Center, Artemidos 6, 15125 Marousi, Greece
* Author to whom correspondence should be addressed.
Academic Editor: Nour Moustafa
J. Cybersecur. Priv. 2021, 1(3), 387-421; https://doi.org/10.3390/jcp1030021
Received: 17 May 2021 / Revised: 30 June 2021 / Accepted: 6 July 2021 / Published: 9 July 2021
Advanced persistent threats pose a significant challenge for blue teams: they apply a variety of attacks over prolonged periods, which impedes event correlation and, therefore, detection. In this work, we use a set of diverse attack scenarios to assess how effectively endpoint detection and response (EDR) systems detect and prevent APTs. Our results indicate that there is still considerable room for improvement, as state-of-the-art EDRs fail to prevent, and even to log, the bulk of the attacks reported in this work. Additionally, we discuss methods of tampering with the telemetry providers of EDRs, which allow an adversary to carry out a stealthier attack.
Keywords: advanced persistent threats; EDR; malware; evasion
MDPI and ACS Style

Karantzas, G.; Patsakis, C. An Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack Vectors. J. Cybersecur. Priv. 2021, 1, 387-421. https://doi.org/10.3390/jcp1030021

AMA Style

Karantzas G, Patsakis C. An Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack Vectors. Journal of Cybersecurity and Privacy. 2021; 1(3):387-421. https://doi.org/10.3390/jcp1030021

Chicago/Turabian Style

Karantzas, George, and Constantinos Patsakis. 2021. "An Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack Vectors" Journal of Cybersecurity and Privacy 1, no. 3: 387-421. https://doi.org/10.3390/jcp1030021
