Air-Gapped Networks: Exfiltration without Privilege Escalation for Military and Police Units

Author:

Mohamed Nachaat (1), Almazrouei Saif Khameis (2), Oubelaid Adel (3), Elsisi Mahmoud (4, 5), ElHalawany Basem M. (5, 6), Ghoneim Sherif S. M. (7)

Affiliation:

1. Rabdan Academy (Homeland Security Department), Abu Dhabi, UAE

2. Ministry of Interior (Smart Security Systems Department), UAE

3. Laboratoire de Technologie Industrielle et de l’Information, Faculté de Technologie, Université de Bejaia, Bejaia 06000, Algeria

4. Department of Electrical Engineering, National Kaohsiung University of Science and Technology, Kaohsiung 807618, Taiwan

5. Department of Electrical Engineering, Faculty of Engineering at Shoubra, Benha University, Cairo 11629, Egypt

6. Electronics and Communication Engineering Department, Kuwait College of Science and Technology, Doha District 35004, Kuwait

7. Electrical Engineering Department, College of Engineering, Taif University, P.O. Box 11099, Taif 21944, Saudi Arabia

Abstract

Several security tools have been described in recent times to assist security teams; however, their effectiveness and success remain limited to specific devices. Phishing is a type of cyberattack that uses fraudulent emails and websites to obtain personal information from unsuspecting users, such as passwords and credit card numbers. Hackers can gain access to your information through a variety of methods, the most common of which are king, phishing, spear phishing, social engineering, and dictionary attacks. Each of these techniques is unique, but they all have the same goal: to obtain your personal information. Nevertheless, there is the potential to exploit this problem in terms of security. In this paper, we used the Bash Bunny (BB), a new tool designed to assist military, law enforcement, and penetration tester teams with their work, to conduct exfiltration without privilege escalation through the T1200, T1052, and T1052.001 techniques in air-gapped networks, with an effectiveness/success of 99.706%.

Publisher

Hindawi Limited

Subject

Electrical and Electronic Engineering, Computer Networks and Communications, Information Systems

Cited by 9 articles.

1. Leveraging CPU Utilization Metrics and Zero Trust Architecture for APT Detection;2023 IEEE 3rd International Conference on Applied Electromagnetics, Signal Processing, & Communication (AESPC);2023-11-24

2. Using AI and Kinetic Energy to Charge Mobile Devices with Human Movement;2023 4th IEEE Global Conference for Advancement in Technology (GCAT);2023-10-06

3. Passivating contact-based tunnel junction Si solar cells using machine learning for tandem cell applications;Energy and AI;2023-10

4. Smart Energy Meets Smart Security: A Comprehensive Review of AI Applications in Cybersecurity for Renewable Energy Systems;International Journal of Electrical and Electronics Research;2023-08-10

5. Artificial Intelligence (AI) and Machine Learning (ML)-based Information Security in Electric Vehicles: A Review;2023 5th Global Power, Energy and Communication Conference (GPECOM);2023-06-14
