TY - GEN
T1 - Method for the Detection of Internal Threats in Academic Campus Networks
AU - Barba-Vera, Ruth
AU - Barragán-González, Byron
AU - Ramos-Valencia, Marco
AU - Mantilla-Cabrera, Carmen
AU - Vaca-Barahona, Byron
AU - Silva-Cárdenas, Carlos
N1 - Publisher Copyright:
© The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.
PY - 2024
Y1 - 2024
AB - Current academic campus intranets face higher requirements to satisfy the needs of their users. The greatest threat lies in the people with access to and knowledge of the organization. This research adapts the OSSTMM V 3.0 methodology to estimate the security breaches caused by the human channel (users) within the intranet, measuring porosity, limitations, and processes, evaluating the security risk (Rav) at 85.77%, and determining 13.92% of vulnerabilities and anomalies that an internal user can exploit. Analysis of the intranet with NIDS-SNORT (Network Intrusion Detection System) to determine internal threats in real time corroborates the analysis of the human channel. The identified threats allow an exploitation study of SMB EternalBlue to be carried out, which makes it possible to evaluate how the threats affect users in a test scenario, as well as the solution to these vulnerabilities. This novel method using free software responds to Ecuadorian universities’ need for a standard that, based on vulnerability analysis, allows the implementation of security policies at the institutional level.
KW - Campus Networks
KW - Insider threat
KW - NIDS-SNORT
KW - OSSTMM
UR - http://www.scopus.com/inward/record.url?scp=85214391518&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-70981-4_22
DO - 10.1007/978-3-031-70981-4_22
M3 - Conference contribution
AN - SCOPUS:85214391518
SN - 9783031709807
T3 - Lecture Notes in Networks and Systems
SP - 319
EP - 337
BT - Proceedings of the International Conference on Computer Science, Electronics and Industrial Engineering (CSEI 2023) - Innovations in Industrial Engineering and Robotics in Industry - Bridging the Gap Between Theory and Practical Application
A2 - Garcia, Marcelo V.
A2 - Gordón-Gallegos, Carlos
A2 - Salazar-Ramírez, Asier
A2 - Nuñez, Carlos
PB - Springer Science and Business Media Deutschland GmbH
T2 - International Conference on Computer Science, Electronics and Industrial Engineering, CSEI 2023
Y2 - 6 November 2023 through 10 November 2023
ER -