Detecting Privilege Escalation with Temporal Braid Groups
This addresses security monitoring for cloud administrators, though it appears incremental with a small non-commutation advantage.
The paper tackles the problem of detecting privilege escalation risks in Cloud permission graphs by using the Burau Lyapunov exponent as an algebraic probe to distinguish between dispersed and focused risk regimes, achieving actionable discrimination for automated classification and remediation.
Within the Strongly Connected Components (SCCs) formed during the temporal evolution of a Cloud permission graph, we use the Burau Lyapunov exponent LE as an algebraic probe to locate the boundary between two risks regimes. We prove that no Abelian statistic (edge counts, net privilege flow, gate-firing rates) can determine LE. The non-commutation advantage is small, but actionable: we show how to leverage it to discriminate the two outstanding risk regimes, that we call dispersed and focused, for automating classification and governing remediation of risky Cloud permission flows.