Real Time Lateral Movement Detection based on Evidence Reasoning Network for Edge Computing Environment
This addresses security vulnerabilities in edge computing for users and systems, though it appears incremental as it builds on existing evidence reasoning networks.
The paper tackles lateral movement attacks in edge-cloud environments by proposing CloudSEC, a real-time detection method based on an evidence reasoning network that uses vulnerability correlation, achieving complete and credible results in experiments.
Edge computing is providing higher class intelligent service and computing capabilities at the edge of the network. The aim is to ease the backhaul impacts and offer an improved user experience, however, the edge artificial intelligence exacerbates the security of the cloud computing environment due to the dissociation of data, access control and service stages. In order to prevent users from using the edge-cloud computing environment to carry out lateral movement attacks, we proposed a method named CloudSEC meaning real time lateral movement detection based on evidence reasoning network for the edge-cloud environment. The concept of vulnerability correlation is introduced. Based on the vulnerability knowledge and environmental information of the network system, the evidence reasoning network is constructed, and the lateral movement reasoning ability provided by the evidence reasoning network is used. CloudSEC realizes the reconfiguration of the efficient real-time attack process. The experiment shows that the results are complete and credible.