Lightweight Impact Assessment and Projection of Lateral Movement and Malware Infection

Investor logo

Warning

This publication doesn't include Faculty of Economics and Administration. It includes Institute of Computer Science. Official publication website can be found on muni.cz.
Authors

HUSÁK Martin JAVORNÍK Michal

Year of publication 2023
Type Article in Proceedings
Conference 2023 IEEE Conference on Communications and Network Security (CNS)
MU Faculty or unit

Institute of Computer Science

Citation
Web https://ieeexplore.ieee.org/document/10288665
Doi http://dx.doi.org/10.1109/CNS59707.2023.10288665
Keywords cybersecurity;resilience;lateral movement
Attached files
Description Resilient IT infrastructures must maintain the required service level even when faced with adversarial activity. Not only should we aim at minimizing the attack surface by hardening our cyber assets, but we should also elaborate on how to respond to running cyber attacks and immediate threats in situations where there is not enough time to patch vulnerabilities or other harden the infrastructures. In this work, we propose a lightweight approach to increasing resilience by projecting the attacker's lateral movement or the spread of malware. While related work builds on elaborate vulnerability assessment and analysis of complex attack paths, we were inspired by recent advances in rapid incident response, namely the recommendation of similar devices close to those already exploited. Using this approach, we can provide prompt recommendations using only the easily obtainable data on the cyber assets, such as device fingerprints. We prioritize promptness and applicability over precision, which complements the existing approaches.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.