Replication: Network-based Lateral Movement Detection Methods Using Machine Learning
| Authors | |
|---|---|
| Year of publication | 2025 |
| Type | Article in proceedings |
| Conference | 21st International Conference on Network and Service Management |
| MU Faculty or unit | |
| Citation | |
| www | https://opendl.ifip-tc6.org/db/conf/cnsm/cnsm2025/1571196179.pdf |
| Keywords | lateral movement; pivoting; link prediction |
| Attached files | |
| Description | Pivoting is a technique commonly employed by advanced adversaries to perform lateral movement within a network. In this process, an attacker leverages an intermediary host to relay commands to otherwise inaccessible systems. In this work, we survey the current state-of-the-art lateral movement detection techniques and identify approaches best suited for detecting pivoting behavior. Specifically, we focus on methods analyzing network traffic, not system logs, since we are looking for a network-wide solution. We present the results of a replicability study, in which we find that only a few proposed approaches also publish a usable implementation, but their results are promising. |