Windows 11 security and Antivirus bypassing techniques
Keywords
Windows
Abstract
The Windows operating system holds the largest market share on user workstations. As a result, it is the most targeted OS, attacked by a large quantity of malware. One can safely argue that in recent years the security level of the Windows operating system has improved significantly. The Windows security profile now comprises a multi-layered set of systems and technologies which, by complementing each other, can prevent the introduction of malware into the system, its installation, its execution and its use for lateral movement in Windows environments. This thesis attempts to enumerate all the Windows 11 security mechanisms, as well as known and possible methods to bypass them. In addition, it demonstrates that Windows Defender, AMSI and Wazuh EDR can be evaded, using a combination of a known open-source C2 framework and custom-developed tools that modify the C2-generated files.