Assessing Security and Dependability of a Network System Susceptible to Lateral Movement Attacks

Title: Assessing Security and Dependability of a Network System Susceptible to Lateral Movement Attacks
Publication Type: Conference Paper
Year of Publication: 2020
Authors: Kang, Hongyue; Liu, Bo; Mišić, Jelena; Mišić, Vojislav B.; Chang, Xiaolin
Conference Name: 2020 International Conference on Computing, Networking and Communications (ICNC)
Keywords: Analytical models, Computational modeling, Computers, Costs, Dependability, Lateral movement attack, Measurement, pubcrawl, resilience, Resiliency, security, statistical analysis, Stochastic Computing Security, Stochastic processes, survivability model, Transient analysis
Abstract: Lateral movement attack performs malicious activities by infecting part of a network system first and then moving laterally to the left system in order to compromise more computers. It is widely used in various sophisticated attacks and plays a critical role. This paper aims to quantitatively analyze the transient security and dependability of a critical network system under lateral movement attacks, whose intruding capability increases with the increasing number of attacked computers. We propose a survivability model for capturing the system and adversary behaviors from the time instant of the first intrusion launched from any attacked computer to the other vulnerable computers until defense solution is developed and deployed. Stochastic Reward Nets (SRN) is applied to automatically build and solve the model. The formulas are also derived for calculating the metrics of interest. Simulation is carried out to validate the approximate accuracy of our model and formulas. The quantitative analysis can help network administrators make a trade-off between damage loss and defense cost.
Citation Key: kang_assessing_2020