Promoting a Secure and Resilient Internet: Abuse Elevation Control Mechanism
Fabrice TEUGUIA
Fabrice TEUGUIA, Cabinet Riding-Up, Programme PCP-ACEFA, Cameroun.
Manuscript received on 22 January 2025 | First Revised Manuscript received on 21 February 2025 | Second Revised Manuscript received on 16 March 2025 | Manuscript Accepted on 15 April 2025 | Manuscript published on 30 April 2025 | PP: 1-4 | Volume-12 Issue-4, April 2025 | Retrieval Number: 100.1/ijies.D105414040325 | DOI: 10.35940/ijies.D1054.12040425
Open Access | Editorial and Publishing Policies | Cite | Zenodo | OJS | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: The Abuse Elevation Control Mechanism (AECM) is a critical cybersecurity concern, as it enables attackers to bypass security controls and obtain unauthorised elevated privileges. This research examines the primary methods attackers use to exploit compromised credentials, including account takeover, credential stuffing, and malware installation. It also highlights key techniques such as bypassing User Account Control (UAC) and exploiting setuid/setgid on Unix-like systems. The article discusses mitigation strategies, including audit and monitoring, privileged account management, and execution prevention. Ultimately, it offers insights into the future of AECM, highlighting the growing sophistication of attacks, emerging attack vectors, and the development of stronger defensive mechanisms. This work aims to inform cybersecurity professionals about the risks of AECM and provide actionable strategies to mitigate these threats.
Keywords: Cyberattacks, Privilege Escalation, Security Standards, Ethical Hacking, Data Protection.
Scope of the Article: Security Technology