# AN1914 — Detection of Drive-by Compromise (ICS) ## Descrição Analítico para detecção de — na plataforma ICS. **Plataformas:** ICS --- ### Fontes de Log | Fonte | Detalhe | |-------|--------| | Network Traffic Content (DC0085) | Network Traffic | | Application Log Content (DC0038) | Application Log | | Process Creation (DC0032) | Process | | File Creation (DC0039) | File | | Network Connection Creation (DC0082) | Network Traffic | ### Data Components Utilizados - [[dc0032-process-creation|DC0032]] - [[dc0038-application-log-content|DC0038]] - [[dc0039-file-creation|DC0039]] - [[dc0082-network-connection-creation|DC0082]] - [[dc0085-network-traffic-content|DC0085]] --- *Fonte: [MITRE ATT&CK — AN1914](https://attack.mitre.org/detectionstrategies/DET0782#AN1914)*