Protecting Against Malware: Using DPI Inside Security Solutions to Detect Lateral Movements

Written by Quosmos
07 December 2017 @ 16:26

When malware successfully infiltrates a network, it typically evolves through the cyber kill chain in an attempt to reach the final goal of data exfiltration, a ransom request and so on. During the lateral movement stage, when it tries to propagate the network and access resources, it generates specific types of network traffic. It is here that it becomes most vulnerable to detection. However, distinguishing potential threats from legitimate traffic requires the management and analysis of huge amounts of data often complicated by the high number of false positives.

DPI software, embedded in security solutions, is highly effective in accurately detecting network-based lateral movement, allowing rapid containment of attacks and remediation. The protocol information and metadata can be used to improve the results of user behavior analysis and machine learning, and to enable mitigation at each stage of the kill chain, improving the effectiveness of security solutions.

This white paper looks at attack techniques, the vulnerability of an attack during the lateral movement phase, the ability of DPI to detect infiltration during this phase and different techniques for doing so.

Click here to read this whitepaper.

Webinars

View all

The Journey to Virtualized RAN – Insights 2021

Network Exposure: The Next Phase of 5G

5G Standalone: Why, How, and How Fast?

White Papers

View all

How telcos can create value with multi-faceted automation

Pre-empting danger with lawful and smart intelligence solutions

Wi-Fi is Ubiquitous and Should Get Smarter

Vendor View

View all

How stc helped Saudi Arabia become the Middle East’s new digital hub

What MNOs need to achieve revenue optimisation and operational excellence

Why going digital starts with your existing workforce

Events

View all

Big 5G Event
01-02 September 2021
View Event

NGON & DCI World
28-30 September 2021
View Event

Polls

View all

Telecoms.com is launching a Digital Seminar Series in the autumn of 2021. As a valued reader we'd like your feedback on the top three topics of interest as listed below:

1. What’s next for 5G? What has gone right in 5G so far and what can be improved, key challenges to delivering on 5G promises, and if it’s time to start looking beyond 5G.
2. OpenRAN: Sifting through the hype What OpenRAN is and is not. Is it is able to play the role set out for it? Is it already too late for OpenRAN to feature strongly in 5G?
3. Is Balkanisation of the telecoms industry inevitable? Telecoms is heavily influenced by global geopolitics, especially the rivalry between the US and China. Do we all have to pick a side?
4. Has telecoms surrendered too much to the cloud? How should telecom operators strike a balance between the benefits of scale and flexibility of cloud and the control over their own lifeline?
5. The pros and cons of AI and automation for telcos - Is there such thing as too much automation, AI and machine learning for telecom operators? When and how should humans step in?
6. Will the high expectations for IoT ever be realised? How stakeholders can bridge the difference between promises and reality of IoT by making it more profitable and sustainable for CSPs?
7. Broadband best practice How to deliver broadband connection to households and businesses most efficiently & how to achieve synergy between fixed and wireless broadband solutions.

Loading ...

Twitter

View all

Meet the 50 influential leaders, innovators and disrupters who are connecting the world in 2021 #BB50 hthttps://t.co/TUqvqxXTKJ
03 August 2021 @ 14:30:17 UTC

China to drive private 5G network growth despite regulatory headwind- research https://t.co/x5AC8nGpKb #5G #privatenetworks
03 August 2021 @ 12:36:32 UTC

Eurobites: Ethiopia to re-open bidding on second operator licence https://t.co/mRZoxTfTqy #4GLTE #Broadband
03 August 2021 @ 11:45:32 UTC

Telecoms.com

intelligence