The product is a threat detection tool designed to enhance an organization's ability to identify the execution of obfuscated commands in CMD. It utilizes the Support Vector Machine (SVM) algorithm and offers three features: classification of a manually entered command, classification of commands from a file, and integration with Sysmon and PowerShell to classify commands executed on the device. The tool is specifically aimed at Security Operation teams and provides them with visibility into previously undetectable indicators of compromise.
Documentation
Contact
My name is Melanie Dudas and I am a 4th year Cybercrime and IT security student. For any questions about this project feel free to contact me via email or LinkedIn.
Email:
c00253245@itcarlow.ie