Isolate technique

D3-SCF System Call Filtering

System Call Filtering

Definition

Controlling access to local computer system resources with kernel-level capabilities.

Defends against · 52

| Type | Target | Confidence | Tier |
|---|---|---|---|
| SubTechnique | Security Software Discovery t1518.001 | 100% | live |
| SubTechnique | Disable or Modify Tools t1562.001 | 100% | live |
| Technique | Multi-Factor Authentication Request Generation t1621 | 100% | live |
| Technique | Query Registry t1012 | 100% | live |
| Technique | Windows Management Instrumentation t1047 | 100% | live |
| SubTechnique | Control Panel t1218.002 | 100% | live |
| SubTechnique | Mshta t1218.005 | 100% | live |
| Technique | System Service Discovery t1007 | 100% | live |
| SubTechnique | Mavinject t1218.013 | 100% | live |
| SubTechnique | Security Account Manager t1003.002 | 100% | live |
| Technique | Native API t1106 | 100% | live |
| Technique | System Information Discovery t1082 | 100% | live |
| SubTechnique | Compiled HTML File t1218.001 | 100% | live |
| Technique | Modify Authentication Process t1556 | 100% | live |
| SubTechnique | AppInit DLLs t1546.010 | 100% | live |
| SubTechnique | Credentials from Web Browsers t1555.003 | 100% | live |
| Technique | Deobfuscate/Decode Files or Information t1140 | 100% | live |
| SubTechnique | Transport Agent t1505.002 | 100% | live |
| SubTechnique | Elevated Execution with Prompt t1548.004 | 100% | live |
| Technique | Scheduled Task/Job t1053 | 100% | live |
| SubTechnique | Web Shell t1505.003 | 100% | live |
| SubTechnique | Thread Execution Hijacking t1055.003 | 100% | live |
| SubTechnique | Ptrace System Calls t1055.008 | 100% | live |
| SubTechnique | Match Legitimate Name or Location t1036.005 | 100% | live |
| Technique | System Network Connections Discovery t1049 | 100% | live |
| SubTechnique | LSASS Memory t1003.001 | 100% | live |
| Technique | System Owner/User Discovery t1033 | 100% | live |
| SubTechnique | Thread Local Storage t1055.005 | 100% | live |
| SubTechnique | AppCert DLLs t1546.009 | 100% | live |
| Technique | Exploitation for Credential Access t1212 | 100% | live |

Showing top 30 of 52 by confidence.

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

Defence: System Call Analysis
Defence: System Daemon Monitoring
Defence: Kernel-based Process Isolation
Defence: Control Flow Integrity
Defence: System File Analysis
Defence: Network Traffic Filtering

Sourced from MITRE D3FEND ontology. Curated by Adam Lundqvist, SQUR.