Scalable edge blocking algorithms for defending active directory style attack graphs

M Guo, M Ward, A Neumann, F Neumann… - Proceedings of the …, 2023 - ojs.aaai.org
Active Directory (AD) is the default security management system for Windows domain
networks. An AD environment naturally describes an attack graph where nodes represent …

A scalable double oracle algorithm for hardening large active directory systems

Y Zhang, M Ward, M Guo, H Nguyen - … of the 2023 ACM Asia Conference …, 2023 - dl.acm.org
Active Directory (AD) is a popular information security management system for Windows
domain networks and is an ongoing common target for cyber attacks. Most real-world Active …

Evolving Reinforcement Learning Environment to Minimize Learner's Achievable Reward: An Application on Hardening Active Directory Systems

D Goel, A Neumann, F Neumann, H Nguyen… - Proceedings of the …, 2023 - dl.acm.org
We study a Stackelberg game between one attacker and one defender in a configurable
environment. The defender picks a specific environment configuration. The attacker …

Limited Query Graph Connectivity Test

M Guo, J Li, A Neumann, F Neumann… - Proceedings of the AAAI …, 2024 - ojs.aaai.org
We propose a combinatorial optimisation model called Limited Query Graph Connectivity
Test. We consider a graph whose edges have two possible states (On/Off). The edges' states …

Near optimal strategies for honeypots placement in dynamic and large active directory networks

HQ Ngo, M Guo, H Nguyen - Proceedings of the 2023 …, 2023 - southampton.ac.uk
Microsoft Active Directories (AD) are popular directory services for identity and access
management and are deployed at most enterprises. Due to their popularity, AD systems …

Enhancing Network Resilience through Machine Learning-powered Graph Combinatorial Optimization: Applications in Cyber Defense and Information Diffusion

D Goel - arXiv preprint arXiv:2310.10667, 2023 - arxiv.org
With the burgeoning advancements of computing and network communication technologies,
network infrastructures and their application environments have become increasingly …

Surgical immunization strategies against lateral movement in Active Directory environments

D Herranz-Oliveros, I Marsa-Maestre… - Journal of Network and …, 2024 - Elsevier
Lateral movement, in which a cyber attacker progresses through an enterprise network in
order to compromise its most valuable assets, is a key stage of any intrusion nowadays …

Catch Me if You Can: Effective Honeypot Placement in Dynamic AD Attack Graphs

HQ Ngo, M Guo, H Nguyen - arXiv preprint arXiv:2312.16820, 2023 - arxiv.org
We study a Stackelberg game between an attacker and a defender on large Active Directory
(AD) attack graphs where the defender employs a set of honeypots to stop the attacker from …

Optimizing Cyber Defense in Dynamic Active Directories through Reinforcement Learning

D Goel, K Moore, M Guo, D Wang, M Kim… - arXiv preprint arXiv …, 2024 - arxiv.org
This paper addresses a significant gap in Autonomous Cyber Operations (ACO) literature:
the absence of effective edge-blocking ACO strategies in dynamic, real-world networks. It …

Optimizing Cyber Response Time on Temporal Active Directory Networks Using Decoys

HQ Ngo, M Guo, H Nguyen - arXiv preprint arXiv:2403.18162, 2024 - arxiv.org
Microsoft Active Directory (AD) is the default security management system for Windows
domain networks. We study the problem of placing decoys in AD networks to detect potential …