A Procedure for Improving Information System Audit Quality by Enhancing Cyberthreat Simulation in Practice

Automatic Control and Computer Sciences

Abstract—

This paper proposes a technique for improving the quality of corporate network audits during cyberthreat simulation: the stealth of the engagement is enhanced by minimizing the number of network connections from outside the corporate network.

Author information

Correspondence to M. A. Eremeev or I. I. Zakharchuk.

Ethics declarations

The authors declare that they have no conflicts of interest.

Additional information

Translated by S. Kuznetsov

About this article

Cite this article

Eremeev, M.A., Zakharchuk, I.I. A Procedure for Improving Information System Audit Quality by Enhancing Cyberthreat Simulation in Practice. Aut. Control Comp. Sci. 54, 854–859 (2020). https://doi.org/10.3103/S0146411620080118

  • DOI: https://doi.org/10.3103/S0146411620080118
