Lightweight Impact Assessment and Projection of Lateral Movement and Malware Infection

Logo poskytovatele

Varování

Publikace nespadá pod Ekonomicko-správní fakultu, ale pod Ústav výpočetní techniky. Oficiální stránka publikace je na webu muni.cz.
Autoři

HUSÁK Martin JAVORNÍK Michal

Rok publikování 2023
Druh Článek ve sborníku
Konference 2023 IEEE Conference on Communications and Network Security (CNS)
Fakulta / Pracoviště MU

Ústav výpočetní techniky

Citace
www https://ieeexplore.ieee.org/document/10288665
Doi http://dx.doi.org/10.1109/CNS59707.2023.10288665
Klíčová slova cybersecurity;resilience;lateral movement
Přiložené soubory
Popis Resilient IT infrastructures must maintain the required service level even when faced with adversarial activity. Not only should we aim at minimizing the attack surface by hardening our cyber assets, but we should also elaborate on how to respond to running cyber attacks and immediate threats in situations where there is not enough time to patch vulnerabilities or other harden the infrastructures. In this work, we propose a lightweight approach to increasing resilience by projecting the attacker's lateral movement or the spread of malware. While related work builds on elaborate vulnerability assessment and analysis of complex attack paths, we were inspired by recent advances in rapid incident response, namely the recommendation of similar devices close to those already exploited. Using this approach, we can provide prompt recommendations using only the easily obtainable data on the cyber assets, such as device fingerprints. We prioritize promptness and applicability over precision, which complements the existing approaches.
Související projekty:

Používáte starou verzi internetového prohlížeče. Doporučujeme aktualizovat Váš prohlížeč na nejnovější verzi.