Identification of suspicious processes executing on an end-point device by examining the ancestry and siblings of a process, and the associated metadata of each node on the tree, such as process execution, duration, and order relative to siblings and ancestors.
https://d3fend.mitre.org/technique/d3f:ProcessLineageAnalysis/