Laccolith: Hypervisor-Based Adversary Emulation with Anti-Detection. (arXiv:2311.08274v2 [cs.CR] UPDATED)
cs.CR updates on arXiv.org
Advanced Persistent Threats (APTs) represent the most threatening form of
attack nowadays since they can stay undetected for a long time. Adversary
emulation is a proactive approach for preparing against these attacks. However,
adversary emulation tools lack the anti-detection abilities of APTs. We
introduce Laccolith, a hypervisor-based solution for adversary emulation with
anti-detection to fill this gap. We also present an experimental study to
compare Laccolith with MITRE CALDERA, a state-of-the-art solution for adversary
emulation, against five popular anti-virus products. …