Research Output
Start thinking in graphs: using graphs to address critical attack paths in a Microsoft cloud tenant
  The challenge of securing IT environments has reached a new complexity level as a growing number of organisations adopt cloud solutions. This trend increases the possibility of overseen attack paths in an organisation’s IT infrastructure. This paper proposes a methodology for assessing the security of a Microsoft cloud tenant based on the relationships between different cloud entities through the use of graphs. This paper argues for using graph theory as an effective method to understand and uncover complex entity attack paths. To achieve this, we implemented a graph analytics platform using data from a Microsoft cloud test tenant. Methods based on graph theory proved to measurably reduce possible attack paths. Our research can support defenders who want to better understand the interrelationships of Microsoft cloud entities as well as identify and remediate possible attack paths.

  • Type:

    Article

  • Date:

    19 September 2023

  • Publication Status:

    Published

  • Publisher

    Springer Science and Business Media LLC

  • DOI:

    10.1007/s10207-023-00751-6

  • ISSN:

    2356-5845

  • Funders:

    Edinburgh Napier Funded

Citation

Elmiger, M., Lemoudden, M., Pitropakis, N., & Buchanan, W. J. (2024). Start thinking in graphs: using graphs to address critical attack paths in a Microsoft cloud tenant. International Journal of Information Security, 23, 467-485. https://doi.org/10.1007/s10207-023-00751-6

Authors

Keywords

Graph theory, Attack path, Microsoft cloud, Azure AD, Cloud security, Neo4j, BloodHound

Monthly Views:

Available Documents