Empowering Network Infrastructure Cybersecurity

Anat Bremler-Barr, Hanan Iserovich
,
2020
Projects, thesis, and dissertations
Cybersecurity

Abstract

In this work, we argue of an urgent need to secure network infrastructure. Many
organizations suffer from low security of their network elements, placing them at elevated
risk from availability or information leakage cyber-attacks. While the IT infrastructure has
many cybersecurity defenses, network infrastructure protection is neglected for several
reasons: Most security planning and operation rely on the information assurance
methodology: prioritize protection according to the network’s information’s sensitivity.
Network elements are not a regular endpoint; they serve as a critical part of the backbone
and have dedicated operational and security needs. This unique ecosystem makes the
security lifecycle (manage and update) a significant challenge. Consequently, even simple
vulnerabilities expose this critical infrastructure to harmful malware and attacks, although
they are (mistakenly) thought to be hard to reach.
In corollary with the described above, we observed those elements being targeted by
advanced cyber-attack groups like “SHADOW BROKER” [1] [2] [3]. Analysis of those
publications shown dedicated tools exploiting the weaknesses described for various
attacks.
This work will introduce our approach to reducing the threat described by improving the
network element’s management security. We suggest a centralized approach in which all
the management traffic will pass through a dedicated IDS-like mechanism that will detect
or prevent attacks on the critical infrastructure.

@misc{bremler2021empowering,
title={Empowering network infrastructure cybersecurity public},
author={Bremler-Barr, Anat and Iserovich, Hanan},
year={2021},
note={Available at: \url{https://deepness-lab.org/empowering-network-infrastructure-cybersecurity}}
}