Promoting a Secure and Resilient Internet: Abuse Elevation Control Mechanism

Article Sidebar

PDF
Published: 30-04-2025
DOI: https://doi.org/10.35940/ijies.D1054.12040425
Keywords:
Cyberattacks, Privilege Escalation, Security Standards, Ethical Hacking, Data Protection

Main Article Content

Fabrice TEUGUIA
Cabinet Riding-Up, Programme PCP-ACEFA, Cameroun.
https://orcid.org/0009-0003-1530-6758

Abstract

The Abuse Elevation Control Mechanism (AECM) is a critical cybersecurity concern, as it allows attackers to bypass security controls and gain unauthorized elevated privileges. This research explores attackers' primary methods to exploit compromised credentials, including account takeover, credential stuffing, and malware installation. It also highlights key techniques such as bypassing User Account Control (UAC) and exploiting setuid/setgid on Unix-like systems. The article discusses mitigation strategies, including audit and monitoring, privileged account management, and execution prevention. Finally, it provides insights into the future of AECM, emphasizing the increasing sophistication of attacks, emerging attack vectors, and stronger defensive mechanisms. This work aims to inform cybersecurity professionals about the risks of AECM and provide actionable strategies to mitigate these threats.

Downloads

Download data is not yet available.

Article Details

Issue

Vol. 12 No. 4 (2025): Volume-12 Issue-4, April 2025

Section

Articles
Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

CC-BY-NC-ND 4.0

How to Cite

[1]
Fabrice TEUGUIA , Tran., “Promoting a Secure and Resilient Internet: Abuse Elevation Control Mechanism”, IJIES, vol. 12, no. 4, pp. 1–4, Apr. 2025, doi: 10.35940/ijies.D1054.12040425.
Share |
Crossref
Scopus
Google Scholar
Europe PMC

References

T. M. Corporation, «Abuse Elevation Control Mechanism,» 01 2020. [En ligne]. Available: https://attack.mitre.org/techniques/T1548/. [Accès le 08 2024]

D. B. S. Z. Michael Tremante, «The

state of application security in 2023,» 03 2023. [En ligne]. Available: https://blog.cloudflare.com/application-security-2023/. [Accès le 08 2024]

«What is Compromised Credential?,» [En ligne]. Available: https://www.silverfort.com/glossary/compromised-credential/. [Accès le 08 2024]

C. Crane, «Compromised Credentials: 7 Ways to Fight Credential Attacks,» 07 2023. [En ligne]. Available: https://www.thesslstore.com/blog/compromised-credentials-ways-to-fight-credential-attacks/. [Accès le 08 2024]

Kalra, Y., Upadhyay, S., & Patheja, Dr. P. S. (2020). Advancements in Cyber Attacks and Security. In International Journal of Innovative Technology and Exploring Engineering (Vol. 9, Issue 4, pp. 1520–1528). DOI: https://doi.org/10.35940/ijitee.d1678.029420

M, D. D., S, B. K., & Lal, D. (2020). Major Hurdles of Cyber Security in 21st Century. In International Journal of Engineering and Advanced Technology (Vol. 9, Issue 3, pp. 1470–1476). DOI: https://doi.org/10.35940/ijeat.c5135.029320

Lakshmi, N. N., P. Karthik, Sai, P. S., & Vishal, A. S. (2024). Implementation of DOS Attack Using NS2. In International Journal of Emerging Science and Engineering (Vol. 12, Issue 6, pp. 1–4). DOI: https://doi.org/10.35940/ijese.f9859.12060524

Sasikumar, H. (2021). DDoS Attack Detection and Classification using Machine Learning Models with Real Time Dataset Created. In International Journal of Recent Technology and Engineering (IJRTE) (Vol. 9, Issue 5, pp. 145–153). DOI: https://doi.org/10.35940/ijrte.e5217.019521

Most read articles by the same author(s)

1 2 3 4 > >>