LAUSR.org creates dashboard-style pages of related content for over 1.5 million academic articles. Sign Up to like articles & get recommendations!

A Methodological Framework for AI-Assisted Security Assessments of Active Directory Environments

Photo from wikipedia

The pervasiveness of complex technological infrastructures and services coupled with the continuously evolving threat landscape poses new sophisticated security risks. These risks are mostly associated with many diverse vulnerabilities related… Click to show full abstract

The pervasiveness of complex technological infrastructures and services coupled with the continuously evolving threat landscape poses new sophisticated security risks. These risks are mostly associated with many diverse vulnerabilities related to software or hardware security flaws, misconfigurations and operational weaknesses. In this scenario, a timely assessment and mitigation of the security risks affecting technological environments are of paramount importance. To cope with these compelling issues, we propose an AI-assisted methodological framework aimed at evaluating whether the target environment is vulnerable or safe. The framework is based on the combined application of graph-based and machine learning techniques. More precisely, the components of the target together with their vulnerabilities are represented by graphs whose analysis identifies the attack paths associated with potential security threats. Machine learning techniques classify these paths and provide the security assessment of the target. The experimental evaluation of the proposed framework was performed on 220 artificially generated Active Directory environments, half of which injected with vulnerabilities. The results of the classification process were generally good. For example, the F1-score obtained by the Random Forest classifier for the assessment of vulnerable networks was equal to 0.91. These results suggest that our approach could be applied for automating the security assessment procedures of complex networked environments.

Keywords: methodological framework; directory environments; framework; security; active directory

Journal Title: IEEE Access
Year Published: 2023

Link to full text (if available)


Share on Social Media:                               Sign Up to like & get
recommendations!

Related content

More Information              News              Social Media              Video              Recommended



                Click one of the above tabs to view related content.