Predicting Adversary Lateral Movement Patterns with Deep Learning
share
This paper develops a predictive model for which host, in an enterprise network, an adversary is likely to compromise next in the course of a campaign. Such a model might support dynamic monitoring or defenses. We generate data for this model using simulated networks, with hosts, users, and adversaries as first-class entities. We demonstrate the predictive accuracy of the model on out-of-sample simulated data, and validate the findings against data captured from a Red Team event on a live enterprise network
READ FULL TEXT
