Lightweight Impact Assessment and Projection of Lateral Movement and Malware Infection
Authors | |
---|---|
Year of publication | 2023 |
Type | Article in Proceedings |
Conference | 2023 IEEE Conference on Communications and Network Security (CNS) |
MU Faculty or unit | |
Citation | |
Web | https://ieeexplore.ieee.org/document/10288665 |
Doi | http://dx.doi.org/10.1109/CNS59707.2023.10288665 |
Keywords | cybersecurity;resilience;lateral movement |
Attached files | |
Description | Resilient IT infrastructures must maintain the required service level even when faced with adversarial activity. Not only should we aim at minimizing the attack surface by hardening our cyber assets, but we should also elaborate on how to respond to running cyber attacks and immediate threats in situations where there is not enough time to patch vulnerabilities or other harden the infrastructures. In this work, we propose a lightweight approach to increasing resilience by projecting the attacker's lateral movement or the spread of malware. While related work builds on elaborate vulnerability assessment and analysis of complex attack paths, we were inspired by recent advances in rapid incident response, namely the recommendation of similar devices close to those already exploited. Using this approach, we can provide prompt recommendations using only the easily obtainable data on the cyber assets, such as device fingerprints. We prioritize promptness and applicability over precision, which complements the existing approaches. |
Related projects: |