Lightweight Impact Assessment and Projection of Lateral Movement and Malware Infection

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F23%3A00131720" target="_blank" >RIV/00216224:14610/23:00131720 - isvavai.cz</a>

Výsledek na webu

<a href="http://dx.doi.org/10.1109/CNS59707.2023.10288665" target="_blank" >http://dx.doi.org/10.1109/CNS59707.2023.10288665</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1109/CNS59707.2023.10288665" target="_blank" >10.1109/CNS59707.2023.10288665</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Lightweight Impact Assessment and Projection of Lateral Movement and Malware Infection

Popis výsledku v původním jazyce

Resilient IT infrastructures must maintain the required service level even when faced with adversarial activity. Not only should we aim at minimizing the attack surface by hardening our cyber assets, but we should also elaborate on how to respond to running cyber attacks and immediate threats in situations where there is not enough time to patch vulnerabilities or other harden the infrastructures. In this work, we propose a lightweight approach to increasing resilience by projecting the attacker's lateral movement or the spread of malware. While related work builds on elaborate vulnerability assessment and analysis of complex attack paths, we were inspired by recent advances in rapid incident response, namely the recommendation of similar devices close to those already exploited. Using this approach, we can provide prompt recommendations using only the easily obtainable data on the cyber assets, such as device fingerprints. We prioritize promptness and applicability over precision, which complements the existing approaches.

Název v anglickém jazyce

Lightweight Impact Assessment and Projection of Lateral Movement and Malware Infection

Popis výsledku anglicky

Resilient IT infrastructures must maintain the required service level even when faced with adversarial activity. Not only should we aim at minimizing the attack surface by hardening our cyber assets, but we should also elaborate on how to respond to running cyber attacks and immediate threats in situations where there is not enough time to patch vulnerabilities or other harden the infrastructures. In this work, we propose a lightweight approach to increasing resilience by projecting the attacker's lateral movement or the spread of malware. While related work builds on elaborate vulnerability assessment and analysis of complex attack paths, we were inspired by recent advances in rapid incident response, namely the recommendation of similar devices close to those already exploited. Using this approach, we can provide prompt recommendations using only the easily obtainable data on the cyber assets, such as device fingerprints. We prioritize promptness and applicability over precision, which complements the existing approaches.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10200 - Computer and information sciences

Projekt

<a href="/cs/project/EH22_010%2F0003229" target="_blank" >EH22_010/0003229: MSCAfellow5_MUNI</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2023

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

2023 IEEE Conference on Communications and Network Security (CNS)

ISBN

9798350339451

ISSN

—

e-ISSN

—

Počet stran výsledku

6

Strana od-do

1-6

Název nakladatele

IEEE

Místo vydání

New York, NY

Místo konání akce

Orlando

Datum konání akce

2. 10. 2023

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

001095064900006