nach oben

Erschienen in:

2024 | OriginalPaper | Buchkapitel

Strengthening Cloud Applications: A Deep Dive into Kill Chain Identification, Scoring, and Automatic Penetration Testing

verfasst von : Stefano Simonetto

Erschienen in: Research Challenges in Information Science

Verlag: Springer Nature Switzerland

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The need to anticipate and defend against potential threats is paramount in cybersecurity. This study addresses two fundamental questions: what attacks can be performed against my system, and how can these attacks be thwarted?

Addressing the first question, this work introduces an innovative method for generating executable attack programs, showcasing the practicality of potential breach scenarios. This approach not only establishes the theoretical vulnerability of a system but also underscores its susceptibility to exploitation.

To respond to the second question, the proposed approach explores a range of mechanisms to counter and thwart the exposed attack strategies. The aim is to use robust and adaptive defensive strategies, leveraging insights from the demonstrated attack programs. These mechanisms encompass proactive measures, such as automatic penetration testing and behavior analysis, and reactive approaches, such as rapid patch deployment and vulnerability prioritization. The resilience of systems against potential breaches can be enhanced by intertwining attack pathways with comprehensive countermeasures, thereby disrupting the adversary’s kill chains. This study aims to contribute to the containerized application security deployed in different environments, like the Cloud, Edge, 5G, Internet of Things (IoT), and Industrial IoT (IIoT), by taking these scenarios as a case study.

This research contributes to the evolution of cyber threat analysis through a Design Science Research (DSR) approach, focusing on developing and validating artifacts, tools, and frameworks. Defenders can anticipate, combat, and ultimately mitigate emerging threats in an increasingly complex digital environment by creating tangible attack programs and formulating effective thwarting mechanisms.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Novelty-Driven Evolutionary Scriptless Testing

Nächstes Kapitel Improving Understanding of Misinformation Campaigns with a Two-Stage Methodology Using Semantic Analysis of Fake News

Docker website. https://www.docker.com/. Accessed 21 Mar 2024

Kubernetes goat. https://github.com/madhuakula/kubernetes-goat. Accessed 21 Mar 2024

Matrix - Enterprise | MITRE ATT &CK. https://attack.mitre.org/matrices/ enterprise/containers/. Accessed 21 Mar 2024

Peirates. https://github.com/inguardians/peirates. Accessed 21 Mar 2024

Production-grade container orchestration. https://kubernetes.io/. Accessed 21 Mar 2024

Aquasecurity: Kube-hunter (2023). https://github.com/aquasecurity/kube-hunter

Blaise, A., Rebecchi, F.: Stay at the helm: secure kubernetes deployments via graph generation and attack reconstruction. In: 2022 IEEE 15th International Conference on Cloud Computing (CLOUD), pp. 59–69 (2022). https://doi.org/10.1109/CLOUD55607.2022.00022

Goethals, T., De Turck, F., Volckaert, B.: Fledge: kubernetes compatible container orchestration on low-resource edge devices. In: Hsu, C.H., Kallel, S., Lan, K.C., Zheng, Z. (eds.) IOV 2019. LNCS, vol. 11894, pp. 174–189. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-38651-1_16CrossRef

Grigorescu, O., Nica, A., Dascalu, M., Rughinis, R.: CVE2ATT &CK: BERT-based mapping of CVEs to MITRE ATT &CK techniques. Algorithms 15(9), 314 (2022)CrossRef

10.

Gupta, C., van Ede, T., Continella, A.: Honeykube: designing and deploying a microservices-based web honeypot. In: SecWeb 2023 (2023)

11.

Hemberg, E., et al.: Linking threat tactics, techniques, and patterns with defensive weaknesses, vulnerabilities and affected platform configurations for cyber hunting. arXiv preprint arXiv:2010.00533 (2020)

12.

Hevner, A.R., March, S.T., Park, J., Ram, S.: Design science in information systems research. MIS Q. 75–105 (2004)

13.

Hutchins, E.M., Cloppert, M.J., Amin, R.M., et al.: Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. In: Leading Issues in Information Warfare & Security Research, vol. 1, no. 1, p. 80 (2011)

14.

IBM Security: Cost of a data breach - a view from the cloud 2021 (2021). https://www.ibm.com/downloads/cas/JDALZGKJ

15.

Kaushik, P., Rao, A.M., Singh, D.P., Vashisht, S., Gupta, S.: Cloud computing and comparison based on service and performance between amazon AWS, Microsoft Azure, and google cloud. In: 2021 International Conference on Technological Advancements and Innovations (ICTAI), pp. 268–273. IEEE (2021)

16.

Koziolek, H., Eskandani, N.: Lightweight kubernetes distributions: a performance comparison of MicroK8s, k3s, k0s, and Microshift. In: Proceedings of the 2023 ACM/SPEC International Conference on Performance Engineering (2023)

17.

Loureiro, S.: Security misconfigurations and how to prevent them. Netw. Secur. 2021(5), 13–16 (2021)CrossRef

18.

Minna, F., Massacci, F.: SoK: run-time security for cloud microservices. are we there yet?. Comput. Secur. 103119 (2023)

19.

National Institute of Standards and Technology (NIST): National Vulnerability Database. https://nvd.nist.gov/vuln-metrics/cvss. Accessed 21 Mar 2024

20.

Shopify: kubeaudit. GitHub (2023). https://github.com/Shopify/kubeaudit

21.

Simonetto, S., Bosch, P.: Are we reasoning about cloud application vulnerabilities in the right way? In: 8th IEEE European Symposium on Security and Privacy (2023)

22.

The MITRE Corporation: Common attack pattern enumeration and classification. https://capec.mitre.org/. Accessed 21 Mar 2024

23.

The MITRE Corporation: Common Weakness Enumeration (CWE). https://cwe.mitre.org/. Accessed 21 Mar 2024

24.

The MITRE Corporation: CVE. https://cve.mitre.org/. Accessed 21 Mar 2024

Titel: Strengthening Cloud Applications: A Deep Dive into Kill Chain Identification, Scoring, and Automatic Penetration Testing
verfasst von: Stefano Simonetto
Verlag: Springer Nature Switzerland
Buch: Research Challenges in Information Science
Print ISBN: 978-3-031-59467-0

Electronic ISBN: 978-3-031-59468-7

Copyright-Jahr: 2024
DOI: https://doi.org/10.1007/978-3-031-59468-7_13

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner