{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T05:31:40Z","timestamp":1740115900826,"version":"3.37.3"},"reference-count":23,"publisher":"IEEE","license":[{"start":{"date-parts":[[2024,12,2]],"date-time":"2024-12-02T00:00:00Z","timestamp":1733097600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2024,12,2]],"date-time":"2024-12-02T00:00:00Z","timestamp":1733097600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024,12,2]]},"DOI":"10.1109\/sin63213.2024.10871611","type":"proceedings-article","created":{"date-parts":[[2025,2,13]],"date-time":"2025-02-13T18:33:17Z","timestamp":1739471597000},"page":"1-9","source":"Crossref","is-referenced-by-count":0,"title":["Simulation of Pre-Ransomware Attacks on Active Directory"],"prefix":"10.1109","author":[{"given":"En Jie","family":"Tan","sequence":"first","affiliation":[{"name":"Singapore Institute of Technology,Information Technology Cluster,Singapore"}]},{"given":"Kowit","family":"Tan","sequence":"additional","affiliation":[{"name":"Singapore Institute of Technology,Information Technology Cluster,Singapore"}]},{"given":"Royce Yu","family":"Feng Chong","sequence":"additional","affiliation":[{"name":"Singapore Institute of Technology,Information Technology Cluster,Singapore"}]},{"given":"XingXing","family":"Chen","sequence":"additional","affiliation":[{"name":"Singapore Institute of Technology,Information Technology Cluster,Singapore"}]},{"given":"Yi Ching","family":"Tan","sequence":"additional","affiliation":[{"name":"Singapore Institute of Technology,Information Technology Cluster,Singapore"}]},{"given":"Liming","family":"Lu","sequence":"additional","affiliation":[{"name":"Singapore Institute of Technology,Information Technology Cluster,Singapore"}]},{"given":"Huaqun","family":"Guo","sequence":"additional","affiliation":[{"name":"Singapore Institute of Technology,Information Technology Cluster,Singapore"}]}],"member":"263","reference":[{"article-title":"Microsoft Digital Defense Report 2023 (MDDR) | Microsoft Security Insider","volume-title":"Microsoft","year":"2023","key":"ref1"},{"volume-title":"Singapore: Rate of ransomware attacks 2023","year":"2023","author":"Romero","key":"ref2"},{"volume-title":"CrowdStrike","year":"2024","key":"ref3"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1016\/j.iotcps.2023.12.001"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.3390\/electronics11162629"},{"volume-title":"Red vs. Blue: Modern Active Directory Attacks, Detection, and Protection Whitepaper","author":"Metcalf","key":"ref6"},{"volume-title":"Picus Security. (n.d)","key":"ref7","article-title":"The Complete Active Directory Security Handbook. Exploitation, Detection, and Mitigation Strategies"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.3390\/s22030953"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/3568993"},{"article-title":"Cyber kill chain","volume-title":"Lockheed Martin. (n.d)","year":"2024","key":"ref10"},{"volume-title":"Nist.gov","year":"2024","key":"ref11"},{"volume-title":"Abusing Tokens","key":"ref12","article-title":"HackTricks"},{"volume-title":"Unconstrained delegation","key":"ref13","article-title":"HackTricks. (n.d)"},{"article-title":"Nist.gov","volume-title":"CVE-2020\u20131472 Detail","year":"2020","key":"ref14"},{"volume-title":"Domain Escalation","key":"ref15","article-title":"HackTricks"},{"volume-title":"Places of interest in stealing NetNTLM hashes. Blog of Osanda","year":"2020","author":"Jayathissa","key":"ref16"},{"volume-title":"Dcsync","key":"ref17","article-title":"HackTricks. (n.d)"},{"volume-title":"Phishing Methodology","key":"ref18","article-title":"HackTricks. (n.d)"},{"volume-title":"Kerberoast","key":"ref19","article-title":"HackTricks. (n.d)"},{"volume-title":"Resource-based Constrained Delegation","key":"ref20","article-title":"HackTricks. (n.d)"},{"volume-title":"A Practical Guide To RBCD Exploitation","year":"2024","author":"Pierantoni","key":"ref21"},{"volume-title":"Password Spraying","key":"ref22","article-title":"HackTricks. (n.d)"},{"volume-title":"SID-History Injection","key":"ref23","article-title":"HackTricks. (n.d)"}],"event":{"name":"2024 17th International Conference on Security of Information and Networks (SIN)","start":{"date-parts":[[2024,12,2]]},"location":"Sydney, Australia","end":{"date-parts":[[2024,12,4]]}},"container-title":["2024 17th International Conference on Security of Information and Networks (SIN)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/10871205\/10871241\/10871611.pdf?arnumber=10871611","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,2,20]],"date-time":"2025-02-20T19:49:03Z","timestamp":1740080943000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10871611\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,2]]},"references-count":23,"URL":"https:\/\/doi.org\/10.1109\/sin63213.2024.10871611","relation":{},"subject":[],"published":{"date-parts":[[2024,12,2]]}}}