From: A flexible approach for cyber threat hunting based on kernel audit records
| Log file | APT cases included |
|---|---|
| Win_1(five) | None |
| Win_2(five-2) | Attack_1: Firefox Backdoor; Attack_2: Browser Extension; Attack_3: Phishing E-mail |
| Linux_1(trace-1) | Attack_4: Phishing E-mail; Attack_11: Pine Backdoor |
| Linux_2(theia-6r) | Attack_5: Firefox Backdoor; Attack_6: Browser Extension; Attack_7: Phishing E-mail; Attack_8: Phishing E-mail |
| BSD_1(cadets) | Attack_9: Nginx Backdoor |
| BSD_2(cadets-1) | None |
| BSD_3(cadets-2) | Attack_10: Nginx Backdoor |