首页>
外国专利>
Enhanced Security Techniques for Remote Reverse Shell Prevention
Enhanced Security Techniques for Remote Reverse Shell Prevention
展开▼
机译:增强的安全技术,用于远程反向Shell防护
展开▼
页面导航
摘要
著录项
相似文献
摘要
When a computer system is compromised by a malicious user, detecting or preventing the malicious user can improve the security and efficiency of the computer system, as well as prevent data from being deleted or corrupted and/or stolen. An attacker who compromises a computer system is likely to take certain actions to exert control over the computer or avoid detection. When a compromised system is behind a network firewall, the attacker may seek to open a remote reverse shell on the compromised system to more easily issue commands, as the firewall may block direct attempts from outside the network to contact the compromised system. Detecting a reverse shell can be difficult, slow, and unreliable, however. The present disclosure discusses methods for detecting reverse shells based on analyzing redirection of data streams such as STDIN, STDOUT, and STDERR.
展开▼