Design & development of a cybersecurity tool for attack surface discovery with automated target-network reconnaissance
Design & implementation of a cybersecurity tool for attack surface detection with automated target-network mapping
Master Thesis
Author
Tasios, Georgios
Τάσιος, Γεώργιος
Date
2024-11
Keywords
Cybersecurity ; Tool ; Target network ; Attack lifecycle ; Attack surface ; Reconnaissance ; Network mapping ; Cyber kill chain ; Vulnerabilities ; OSCTI ; CAPEC ; CPE ; CVE ; Open ports ; Domain ; Subdomain ; Neo4j ; OWASP ; Amass ; Banner grabbing ; Risk management ; Risk assessment
Abstract
As modern infrastructures grow, they increasingly rely on modern technologies such as cloud services, IoT and edge devices. This technological expansion causes current attack surfaces to grow, posing significant challenges for cybersecurity. This thesis examines how the growing exposure of business functions creates vulnerabilities, requiring both increased cybersecurity measures and employee awareness. The concept of the attack surface is broken down, starting with foundational elements such as domain names, IP addresses, ports and services, which are common initial access vectors of known attack campaigns. The current study also explores how misconfigurations such as open ports and exposed services can be enumerated and aligned to correlated Open-Source Cyber Threat Intelligence (OSCTI) data. Considering the foundational elements of the attack surface, as well as their interconnections with OSCTI, this thesis presents a methodology as well as an implementation that can automate the procedure of enumerating and visualizing the attack surface of organizations in the context of assets and vulnerabilities that can be traced under specific domains. This approach can support the current rate of expansion by offering a solution able to continuously map newly integrated assets in pre-existing exposed infrastructures through iterative usage. This solution provides insights into securing infrastructure more effectively by minimizing exposure and mitigating risks in a perpetual manner, ultimately contributing to a more resilient cybersecurity posture.