Designing and engineering LLM techniques for detecting novel bash attacks
Alessandro Redi
Designing and engineering LLM techniques for detecting novel bash attacks.
Rel. Marco Mellia, Luca Vassio, Matteo Boffa. Politecnico di Torino, Corso di laurea magistrale in Ict For Smart Societies (Ict Per La Società Del Futuro), 2024
|
Preview |
PDF (Tesi_di_laurea)
- Tesi
Licenza: Creative Commons Attribution Non-commercial No Derivatives. Download (5MB) | Preview |
Abstract
In recent years, command-line interface (CLI) commands have become more articulated and increased in complexity. This has underscored the possible need for advanced tools that can efficiently analyze and understand this data. In this thesis, Bash is the language taken into account. Command-line interactions, which are integral to system administration, software development, and data processing, often involve sequences of commands, from now on called sessions, and their corresponding outputs that encode rich semantic details. However, capturing and leveraging this information for tasks such as session similarity measurement, anomaly detection, and command category classification, can present a significant challenge especially when an attacker exploits noisy or obfuscated sessions.
Indeed one of the main objectives of this thesis is to find the answer to the following question: Is it really needed to understand the semantic meaning of a Bash session or its syntax analysis is enough for the previously said tasks? The thesis introduces a comparison between different methods applied for the resolution of the novelty detection problem
Tipo di pubblicazione
URI
 |
Modifica (riservato agli operatori) |
