Promoting a Secure and Resilient Internet: Abuse Elevation Control Mechanism
Fabrice TEUGUIA
Fabrice TEUGUIA, Cabinet Riding-Up, Programme PCP-ACEFA, Cameroun.
Manuscript received on 22 January 2025 | First Revised Manuscript received on 21 February 2025 | Second Revised Manuscript received on 16 March 2025 | Manuscript Accepted on 15 April 2025 | Manuscript published on 30 April 2025 | PP: 1-4 | Volume-12 Issue-4, April 2025 | Retrieval Number: 100.1/ijies.D105414040325 | DOI: 10.35940/ijies.D1054.12040425
Open Access | Editorial and Publishing Policies | Cite | Zenodo | OJS | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: The Abuse Elevation Control Mechanism (AECM) is a critical cybersecurity concern, as it allows attackers to bypass security controls and gain unauthorized elevated privileges. This research explores attackers’ primary methods to exploit compromised credentials, including account takeover, credential stuffing, and malware installation. It also highlights key techniques such as bypassing User Account Control (UAC) and exploiting setuid/setgid on Unix-like systems. The article discusses mitigation strategies, including audit and monitoring, privileged account management, and execution prevention. Finally, it provides insights into the future of AECM, emphasizing the increasing sophistication of attacks, emerging attack vectors, and stronger defensive mechanisms. This work aims to inform cybersecurity professionals about the risks of AECM and provide actionable strategies to mitigate these threats.
Keywords: Cyberattacks, Privilege Escalation, Security Standards, Ethical Hacking, Data Protection.
Scope of the Article: Security Technology