Publication: Detection of suspicious activities on Windows systems with log analysis
dc.contributor.author | ÜLKÜ, EYÜP EMRE | |
dc.contributor.authors | Öztürk A., ÜLKÜ E. E. | |
dc.date.accessioned | 2023-01-02T11:14:36Z | |
dc.date.available | 2023-01-02T11:14:36Z | |
dc.date.issued | 2022-12-21 | |
dc.description.abstract | In recent years, rapid technological developments in many fields have brought various problems along with their innovations. One of these problems is cyber-attacks. Because so many records and so much data are now stored in digital media, protecting them has become very important. Continuous log records play an important role in enabling system administrators to take the necessary precautions against cyber-attacks. With the logging mechanism found in Windows systems, every transaction made on the system is recorded. These log records are analyzed with various algorithms and tools, and as a result of these analyses, suspicious or attacker behaviour on the system is detected. In this study, various cyber-attacks were tested in an environment containing Windows systems. The logs generated on these systems during the tests were collected and analyzed with the ELK Stack toolkit. As a result of these analyses, the attacks were identified and associated with the tactics and techniques of MITRE ATT&CK. | |
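The abstract describes the pipeline (Windows event logging, collection and analysis in the ELK Stack, mapping of detected attacks to MITRE ATT&CK) without showing any detection logic. The block below is an added example and is not code from the paper: a small rule engine run over constructed Windows Security events, laid out the way Winlogbeat writes them into Elasticsearch (`winlog.event_id`, `winlog.event_data.*`), that raises findings tagged with an ATT&CK technique and tactic. The event IDs (4625, 4624, 4688, 4720, 4698, 1102) and technique IDs are standard Microsoft and MITRE identifiers; the brute-force threshold and window, the choice of rules, and every host, account, address and command line in the sample data are assumptions made for this example.

```python
"""Rule-based detection over Windows Security events, mapped to MITRE ATT&CK.

Added example, not the paper's code. SAMPLE_EVENTS is constructed to mimic the
winlog.* document layout Winlogbeat produces; accounts, IPs and commands are invented.
"""
from collections import defaultdict
from datetime import datetime, timedelta

SAMPLE_EVENTS = [
    # five failed network logons for one account from one source within 5 s
    *[{"@timestamp": f"2022-11-17T10:00:{i:02d}",
       "winlog": {"event_id": 4625, "event_data": {
           "TargetUserName": "svc_backup", "IpAddress": "10.0.0.23", "LogonType": "3"}}}
      for i in range(5)],
    # ...then a successful logon for the same account from the same source
    {"@timestamp": "2022-11-17T10:00:07",
     "winlog": {"event_id": 4624, "event_data": {
         "TargetUserName": "svc_backup", "IpAddress": "10.0.0.23", "LogonType": "3"}}},
    # encoded PowerShell spawned from cmd.exe (process creation auditing enabled)
    {"@timestamp": "2022-11-17T10:01:12",
     "winlog": {"event_id": 4688, "event_data": {
         "NewProcessName": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
         "CommandLine": "powershell.exe -nop -w hidden -enc SQBFAFgA",
         "ParentProcessName": r"C:\Windows\System32\cmd.exe",
         "SubjectUserName": "svc_backup"}}},
    # a new local account, then a scheduled task registered by it
    {"@timestamp": "2022-11-17T10:02:30",
     "winlog": {"event_id": 4720, "event_data": {
         "TargetUserName": "support", "SubjectUserName": "svc_backup"}}},
    {"@timestamp": "2022-11-17T10:03:05",
     "winlog": {"event_id": 4698, "event_data": {
         "TaskName": r"\Updater", "SubjectUserName": "support"}}},
    # the Security log is cleared
    {"@timestamp": "2022-11-17T10:05:00",
     "winlog": {"event_id": 1102, "event_data": {"SubjectUserName": "svc_backup"}}},
    # benign noise: one mistyped password at the console, must not be flagged
    {"@timestamp": "2022-11-17T10:06:00",
     "winlog": {"event_id": 4625, "event_data": {
         "TargetUserName": "alice", "IpAddress": "127.0.0.1", "LogonType": "2"}}},
]


def _ts(ev):
    return datetime.fromisoformat(ev["@timestamp"])


def _data(ev):
    return ev["winlog"]["event_data"]


def _finding(ev, technique, name, tactic, **extra):
    return {"time": ev["@timestamp"], "event_id": ev["winlog"]["event_id"],
            "technique": technique, "name": name, "tactic": tactic, **extra}


# powershell.exe accepts any unique prefix of -EncodedCommand, so match the short forms too.
ENCODED_FLAGS = {"-e", "-ec", "-en", "-enc", "-encodedcommand"}


def is_encoded_powershell(d):
    exe = d.get("NewProcessName", "").lower()
    tokens = d.get("CommandLine", "").lower().split()
    return exe.endswith(("powershell.exe", "pwsh.exe")) and any(t in ENCODED_FLAGS for t in tokens)


# Stateless rules: (event_id, predicate over event_data, technique, name, tactic).
SINGLE_EVENT_RULES = [
    (4688, is_encoded_powershell, "T1059.001", "PowerShell", "Execution"),
    (4720, lambda d: True, "T1136.001", "Create Account: Local Account", "Persistence"),
    (4698, lambda d: True, "T1053.005", "Scheduled Task", "Persistence"),
    (1102, lambda d: True, "T1070.001", "Clear Windows Event Logs", "Defense Evasion"),
]

BRUTE_FORCE_THRESHOLD = 5            # assumed tuning values, not from the paper
BRUTE_FORCE_WINDOW = timedelta(seconds=60)


def detect_brute_force(events):
    """Stateful rule: >= THRESHOLD 4625s for one (account, source) inside WINDOW
    -> T1110.001; a 4624 for the same pair after the burst -> T1078."""
    findings, failures, successes = [], defaultdict(list), defaultdict(list)
    for ev in events:
        d = _data(ev)
        key = (d.get("TargetUserName"), d.get("IpAddress"))
        if ev["winlog"]["event_id"] == 4625:
            failures[key].append(ev)
        elif ev["winlog"]["event_id"] == 4624:
            successes[key].append(ev)
    for key, evs in failures.items():
        evs.sort(key=_ts)
        for i in range(len(evs) - BRUTE_FORCE_THRESHOLD + 1):
            burst = [e for e in evs[i:] if _ts(e) - _ts(evs[i]) <= BRUTE_FORCE_WINDOW]
            if len(burst) < BRUTE_FORCE_THRESHOLD:
                continue
            findings.append(_finding(burst[0], "T1110.001", "Brute Force: Password Guessing",
                                     "Credential Access", user=key[0], source=key[1],
                                     failures=len(burst)))
            last = _ts(burst[-1])
            for s in successes.get(key, []):
                if _ts(s) >= last:   # success right after the burst: the guess worked
                    findings.append(_finding(s, "T1078", "Valid Accounts", "Initial Access",
                                             user=key[0], source=key[1]))
                    break
            break                    # one finding per (account, source)
    return findings


def detect(events):
    findings = []
    for ev in events:
        eid, d = ev["winlog"]["event_id"], _data(ev)
        for rule_id, pred, tid, name, tactic in SINGLE_EVENT_RULES:
            if eid == rule_id and pred(d):
                findings.append(_finding(ev, tid, name, tactic, user=d.get("SubjectUserName")))
    findings += detect_brute_force(events)
    return sorted(findings, key=lambda f: f["time"])


def attack_summary(findings):
    """Group detected technique IDs by tactic, i.e. the ATT&CK association step."""
    summary = defaultdict(set)
    for f in findings:
        summary[f["tactic"]].add(f["technique"])
    return {t: sorted(ids) for t, ids in summary.items()}


if __name__ == "__main__":
    for f in detect(SAMPLE_EVENTS):
        print(f"{f['time']} {f['event_id']:>5} {f['technique']:<10} {f['tactic']:<18} {f['name']}")
    print(attack_summary(detect(SAMPLE_EVENTS)))
```

In an ELK deployment the same rules would be expressed as Kibana/Elasticsearch queries over the `winlog.*` fields (the brute-force rule as an aggregation on `winlog.event_data.TargetUserName` and `IpAddress` with a date histogram); the Python version is here so the logic and its ATT&CK labels can be run and checked offline. Note that 4688 carries a command line only when "Include command line in process creation events" is enabled, so the PowerShell rule is silent on hosts without that policy.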
dc.identifier.citation | Öztürk A., ÜLKÜ E. E., "Detection of Suspicious Activities on Windows Systems with Log Analysis", International Conference on Engineering Technologies 2022 (ICENTE'2022), Konya, Türkiye, 17 November 2022 | |
dc.identifier.endpage | 80 | |
dc.identifier.startpage | 77 | |
dc.identifier.uri | https://icente.selcuk.edu.tr/uploads/files2/ICENTE22_Proceedings_Book_v2.pdf | |
dc.identifier.uri | https://hdl.handle.net/11424/284665 | |
dc.language.iso | eng | |
dc.relation.ispartof | International Conference on Engineering Technologies 2022 (ICENTE'2022) | |
dc.rights | info:eu-repo/semantics/openAccess | |
dc.subject | Log analysis | |
dc.subject | MITRE ATT&CK | |
dc.subject | ELK Stack | |
dc.subject | Windows Systems | |
dc.title | Detection of suspicious activities on Windows systems with log analysis | |
dc.type | conferenceObject | |
dspace.entity.type | Publication | |
local.avesis.id | 52df290c-5387-4bf8-9c38-ce631836f998 | |
relation.isAuthorOfPublication | 4afa2e18-6b43-4fdd-978b-cc9836c6f9d5 | |
relation.isAuthorOfPublication.latestForDiscovery | 4afa2e18-6b43-4fdd-978b-cc9836c6f9d5 |