Analyze Indicators of Malicious Activity

---

Goals

• Analyze indicators of malicious activity in malware, physical, network, and application attacks

Malware Attack Indicators

• Malware Attack Vectors
• Virus
• Worm
• Fileless Malware
• Spyware and Keyloggers
• Backdoors and Remote Access Trojans
• Rootkit
• Ransomware
• Crypto-Malware
• Logic Bomb
• Tactics, Techniques, and Procedures (TTPs)
• Indicators of Compromise (IoCs)
• Malicious Activity Indicators

Physical and Network Attack Indicators

• Physical Attacks
• Network Attacks
• Denial of Service (DoS) Attack
• Distributed DoS (DDoS) Attack
  • SYN Flood Attack
  • Distributed DoS (DDoS) Attack
    • Amplification Attack
  • DDoS Indicators
• Man-in-the-Middle Attack (On-Path)
• DNS Attacks
• Wireless Network Attacks
• Password Attacks
• Credential Replay Attacks
• Cryptographic Attacks
  • Downgrade Attack
  • Collision Attack
  • Birthday Attack
• Malicious Code Indicators

Application Attack Indicators

• Application Attacks
• Privilege Escalation
• Buffer Overflow
• Replay Attack
• Forgery Attack
  • Cross-Site Request Forgery (CSRF)
  • Server-Side Request Forgery (SSRF)
• Injection Attack
  • SQL Injection
  • Extensible Markup Language (XML) Injection
  • LDAP Injection
• Directory Traversal
• Command Injection Attack
• URL Analysis
• Web Server Logs