Robust Large-Scale Detection of Living-Off-the-Land Reverse Shells via Data Synthesis

This research paper presents a method for detecting living-off-the-land reverse shells (attacks where hackers use built-in system tools already present on a computer to create a backdoor connection back to their own machine) at a large scale by using data synthesis (artificially creating training examples rather than collecting real attack data). The approach aims to improve security detection systems' ability to identify these sneaky attacks that are hard to catch because they blend in with normal system activity.