Mudassar is currently working as a research fellow at the department of Information and Communication Technology in Norwegian University of Science and Technology. He is the member of system security research group and the focus of his research is system security, penetration testing, security assessment, intrusion detection. He is currently working on the modelling of attack and defenses scenarios for cyber security exercises in a cyber range. Mudassar recently led the joint civil military team from Norway in Atlantic Council Cyber 9/12 strategy challenge. He received Innovation medal from Interpol for developing smart city policing concepts and is also involved with Interpol World Expert Group on IoT and Smart City Policing. Before joining NTNU Mudassar was an Information Security consultant and served multiple government and private clients. He performed cyber operations ranging from counter terrorism to security assessment of major financial institutions.

He holds the following cyber security certifications: OSCP, LPT Master, CPTE, CEH, CHFI, CBP, CISSO, CCNA, Cyber Ops, KLSE

Windows Based Exploit Chains and Their Detection Mechanism

This article presents a novel algorithm for the detection of exploit chains in a Windows based environment. An exploit chain is a group of exploits that executes synchronously, in order to achieve the system exploitation. Unlike high-risk vulnerabilities that allow system exploitation using only one execution step, an exploit chain takes advantage of multiple medium and low risk vulnerabilities. These are grouped, in order to form a chain of exploits that when executed achieve the exploitation of the system. Experiments were performed to check the effectiveness of developed algorithm against multiple anti-virus/anti-malware solutions available in the market.