Detecttechnique

D3-PCSVProcess Code Segment Verification

Process Code Segment Verification

Definition

Comparing the "text" or "code" memory segments to a source of truth.

Defends against7

TypeTargetConfidenceTier
SubTechniqueProcess Hollowingt1055.012100%live
TechniqueExploitation for Credential Accesst1212100%live
TechniqueExploitation of Remote Servicest1210100%live
TechniqueExploitation for Privilege Escalationt1068100%live
TechniqueExploitation for Client Executiont1203100%live
TechniqueExploitation for Defense Evasiont1211100%live
SubTechniqueCredential API Hookingt1056.004100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Defence
Memory Block Start Validation
Defence
Service Binary Verification
Defence
Process Segment Execution Prevention
Defence
Stack Frame Canary Validation
Defence
Control Flow Integrity
Defence
Process Self-Modification Detection
Sourced from MITRE D3FEND ontology. Curated by Adam Lundqvist, SQUR.