Protecting Against Malware: Using DPI Inside Security Solutions to Detect Lateral Movements

When malware successfully infiltrates a network, it typically progresses through the cyber kill chain in an attempt to reach its final goal, such as data exfiltration or a ransom request. During the lateral movement stage, when it tries to propagate through the network and access resources, it generates specific types of network traffic. It is here that it becomes most vulnerable to detection. However, distinguishing potential threats from legitimate traffic requires the management and analysis of huge amounts of data, often complicated by a high number of false positives.

DPI software, embedded in security solutions, is highly effective in accurately detecting network-based lateral movement, allowing rapid containment of attacks and remediation. The protocol information and metadata can be used to improve the results of user behavior analysis and machine learning, and to enable mitigation at each stage of the kill chain, improving the effectiveness of security solutions.

This white paper looks at attack techniques, the vulnerability of an attack during the lateral movement phase, the ability of DPI to detect infiltration during this phase and different techniques for doing so.

    By downloading this whitepaper you agree to be subject to the opt-in section of our privacy policy available here: http://telecoms.com/privacy-policy/ Consequently, we may share your details with Qosmos, the sponsors of this whitepaper and use your information to send you targeted Telecoms.com promotions. You can opt out of these at any time.
