Lateral Movement Detection Using ELK Stack

Jain, Utkarsh

View/Open

JAIN-THESIS-2018.pdf (824.2Kb)

Date

2018-05

Author

Jain, Utkarsh

Metadata

Show full item record

Abstract

In recent time, it is becoming increasingly difficult to prevent initial infiltration of a network, making it important to always consider and improve detection of an ongoing incident. Any attacker spends most energy, time and is additionally the most defenseless against detection when the attacker is trying to move laterally from system to system to escalate privileges. This research takes into consideration, majority of tools and techniques used by adversaries to move in a windows-based network laterally. It showcases the execution of these tools and suggests how usage of such tools can be detected using logging. Hence, this research is an attempt at creating a solution which helps in detection of lateral movement happening inside a windows-based network by collecting logs and analyzing them using ELK stack as the logging tool.

URI

http://hdl.handle.net/10657/3109

Collections

Published ETD Collection