Start thinking in graphs: using graphs to address critical attack paths in a Microsoft cloud tenant

Research Output

The challenge of securing IT environments has reached a new complexity level as a growing number of organisations adopt cloud solutions. This trend increases the possibility of overseen attack paths in an organisation’s IT infrastructure. This paper proposes a methodology for assessing the security of a Microsoft cloud tenant based on the relationships between different cloud entities through the use of graphs. This paper argues for using graph theory as an effective method to understand and uncover complex entity attack paths. To achieve this, we implemented a graph analytics platform using data from a Microsoft cloud test tenant. Methods based on graph theory proved to measurably reduce possible attack paths. Our research can support defenders who want to better understand the interrelationships of Microsoft cloud entities as well as identify and remediate possible attack paths.

Type:

Article
Date:

19 September 2023
Publication Status:

Published
Publisher

Springer Science and Business Media LLC
DOI:

10.1007/s10207-023-00751-6
ISSN:

2356-5845
Funders:

Edinburgh Napier Funded

http://researchrepository.napier.ac.uk/output/3201445 Elmiger, M., Lemoudden, M., Pitropakis, N., & Buchanan, W. J. (2024). Start thinking in graphs: using graphs to address critical attack paths in a Microsoft cloud tenant. International Journal of Information Security, 23, 467-485. https://doi.org/10.1007/s10207-023-00751-6

Citation

Elmiger, M., Lemoudden, M., Pitropakis, N., & Buchanan, W. J. (2024). Start thinking in graphs: using graphs to address critical attack paths in a Microsoft cloud tenant. International Journal of Information Security, 23, 467-485. https://doi.org/10.1007/s10207-023-00751-6