The Inner Workings of Windows Security
- URL: http://arxiv.org/abs/2312.15150v1
- Date: Sat, 23 Dec 2023 03:35:57 GMT
- Title: The Inner Workings of Windows Security
- Authors: Ashvini A Kulshrestha, Guanqun Song, Ting Zhu,
- Abstract summary: The year 2022 saw a significant increase in Microsoft vulnerabilities, reaching an all-time high in the past decade.
This project aims to investigate the vulnerabilities of the Windows Operating System and explore the effectiveness of key security features.
Based on the results, this study will provide recommendations for mitigation strategies to enhance system security and strengthen the protection provided by Windows security features.
- Score: 4.424739166856966
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: The year 2022 saw a significant increase in Microsoft vulnerabilities, reaching an all-time high in the past decade. With new vulnerabilities constantly emerging, there is an urgent need for proactive approaches to harden systems and protect them from potential cyber threats. This project aims to investigate the vulnerabilities of the Windows Operating System and explore the effectiveness of key security features such as BitLocker, Microsoft Defender, and Windows Firewall in addressing these threats. To achieve this, various security threats are simulated in controlled environments using coded examples, allowing for a thorough evaluation of the security solutions' effectiveness. Based on the results, this study will provide recommendations for mitigation strategies to enhance system security and strengthen the protection provided by Windows security features. By identifying potential weaknesses and areas of improvement in the Windows security infrastructure, this project will contribute to the development of more robust and resilient security solutions that can better safeguard systems against emerging cyber threats.
Related papers
- Do Not Trust Power Management: Challenges and Hints for Securing Future Trusted Execution Environments [0.21665864340363084]
Since 2017, Tang et al. introduced a new class of software-enabled hardware attacks.
These attacks aim at bypassing TEE security guarantees and exposing sensitive information like cryptographic keys.
This article presents the first comprehensive knowledge survey of these attacks, along with an evaluation of literature countermeasures.
arXiv Detail & Related papers (2024-05-24T13:26:39Z) - The MESA Security Model 2.0: A Dynamic Framework for Mitigating Stealth Data Exfiltration [0.0]
Stealth Data Exfiltration is a significant cyber threat characterized by covert infiltration, extended undetectability, and unauthorized dissemination of confidential data.
Our findings reveal that conventional defense-in-depth strategies often fall short in combating these sophisticated threats.
As we navigate this complex landscape, it is crucial to anticipate potential threats and continually update our defenses.
arXiv Detail & Related papers (2024-05-17T16:14:45Z) - Attention-Based Real-Time Defenses for Physical Adversarial Attacks in
Vision Applications [58.06882713631082]
Deep neural networks exhibit excellent performance in computer vision tasks, but their vulnerability to real-world adversarial attacks raises serious security concerns.
This paper proposes an efficient attention-based defense mechanism that exploits adversarial channel-attention to quickly identify and track malicious objects in shallow network layers.
It also introduces an efficient multi-frame defense framework, validating its efficacy through extensive experiments aimed at evaluating both defense performance and computational cost.
arXiv Detail & Related papers (2023-11-19T00:47:17Z) - Secure Software Development: Issues and Challenges [0.0]
The digitization of our lives proves to solve our human problems as well as improve quality of life.
Hackers aim to steal the data of innocent people to use it for other causes such as identity fraud, scams and many more.
The goal of a secured system software is to prevent such exploitations from ever happening by conducting a system life cycle.
arXiv Detail & Related papers (2023-11-18T09:44:48Z) - The New Frontier of Cybersecurity: Emerging Threats and Innovations [0.0]
The research delves into the consequences of these threats on individuals, organizations, and society at large.
The sophistication and diversity of these emerging threats necessitate a multi-layered approach to cybersecurity.
This study emphasizes the importance of implementing effective measures to mitigate these threats.
arXiv Detail & Related papers (2023-11-05T12:08:20Z) - Leveraging Traceability to Integrate Safety Analysis Artifacts into the
Software Development Process [51.42800587382228]
Safety assurance cases (SACs) can be challenging to maintain during system evolution.
We propose a solution that leverages software traceability to connect relevant system artifacts to safety analysis models.
We elicit design rationales for system changes to help safety stakeholders analyze the impact of system changes on safety.
arXiv Detail & Related papers (2023-07-14T16:03:27Z) - When Authentication Is Not Enough: On the Security of Behavioral-Based Driver Authentication Systems [53.2306792009435]
We develop two lightweight driver authentication systems based on Random Forest and Recurrent Neural Network architectures.
We are the first to propose attacks against these systems by developing two novel evasion attacks, SMARTCAN and GANCAN.
Through our contributions, we aid practitioners in safely adopting these systems, help reduce car thefts, and enhance driver security.
arXiv Detail & Related papers (2023-06-09T14:33:26Z) - Towards Safer Generative Language Models: A Survey on Safety Risks,
Evaluations, and Improvements [76.80453043969209]
This survey presents a framework for safety research pertaining to large models.
We begin by introducing safety issues of wide concern, then delve into safety evaluation methods for large models.
We explore the strategies for enhancing large model safety from training to deployment.
arXiv Detail & Related papers (2023-02-18T09:32:55Z) - Defending against cybersecurity threats to the payments and banking
system [0.0]
The proliferation of cyber crimes is a huge concern for various stakeholders in the banking sector.
To prevent risks of cyber-attacks on software systems, entities operating within cyberspace must be identified.
This paper will examine various approaches that identify assets in cyberspace, classify the cyber threats, provide security defenses and map security measures to control types and functionalities.
arXiv Detail & Related papers (2022-12-15T11:55:11Z) - Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance.
We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems.
We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
arXiv Detail & Related papers (2020-10-19T13:09:31Z) - Adversarial Machine Learning Attacks and Defense Methods in the Cyber
Security Domain [58.30296637276011]
This paper summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques.
It is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain.
arXiv Detail & Related papers (2020-07-05T18:22:40Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.