Abstract

Within both the cyber kill chain and MITRE ATT&CK frameworks, Lateral Movement (LM) is defined as any activity that allows adversaries to progressively move deeper into a system in seek of high-value assets. Although this timely subject has been studied in the cybersecurity literature to a significant degree, so far, no work provides a comprehensive survey regarding the identification of LM from mainly an Intrusion Detection System (IDS) viewpoint. To cover this noticeable gap, this work provides a systematic, holistic overview of the topic, not neglecting new communication paradigms, such as the Internet of Things (IoT). The survey part, spanning a time window of eight years and 53 articles, is split into three focus areas, namely, Endpoint Detection and Response (EDR) schemes, machine learning oriented solutions, and graph-based strategies. On top of that, we bring to light interrelations, mapping the progress in this field over time, and offer key observations that may propel LM research forward.

Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
SDN based Intrusion Detection and Prevention Systems using Manufacturer Usage Description: A Survey
Noman Mazhar ... Rosli Salleh
International Journal of Advanced Computer Science and Applications | VOL. 11
Noman Mazhar, et. al.Noman Mazhar ... Rosli Salleh
01 Jan 2020
A Review on Machine Learning and Deep Learning Perspectives of IDS for IoT: Recent Updates, Security Issues, and Challenges
Ankit Thakkar ... Ritika Lohiya
Archives of Computational Methods in Engineering | VOL. 28
Ankit Thakkar, et. al.Ankit Thakkar ... Ritika Lohiya
20 Oct 2020
Blockchain and federated learning-based intrusion detection approaches for edge-enabled industrial IoT networks: a survey
Abdullah Yousafzai ... Qianmu Li
Ad Hoc Networks | VOL. 152
Abdullah Yousafzai, et. al.Abdullah Yousafzai ... Qianmu Li
10 Oct 2023
Customised Intrusion Detection for an Industrial IoT Heterogeneous Network Based on Machine Learning Algorithms Called FTL-CID
Gokhan Inalhan ... Nasr Abosata
Sensors | VOL. 23
Gokhan Inalhan, et. al.Gokhan Inalhan ... Nasr Abosata
28 Dec 2022
View more papers

More From: Heliyon

Paper Title
Journal
Date
Author
Application of Deep Learning Classification Model for Regional Evaluation of Roof Pressure Support Evolution Effects Over Time in Coal Mining Face
Hao-Jie Li ... Si-Feng Jia
Heliyon | VOL. 10
Hao-Jie Li, et. al.Hao-Jie Li ... Si-Feng Jia
01 Jun 2024
Combination of Etoposide and Quercetin-Loaded Solid Lipid Nanoparticles Potentiates Apoptotic Effects on MDA-MB-231 Breast Cancer Cells
Reza Afarin ... Somayeh Igder
Heliyon | VOL. 10
Reza Afarin, et. al.Reza Afarin ... Somayeh Igder
01 Jun 2024
Soluble form of the MDA5 protein in human sera
Masaki Okamoto ... Tomoaki Hoshino
Heliyon | VOL. 10
Masaki Okamoto, et. al.Masaki Okamoto ... Tomoaki Hoshino
01 Jun 2024
Use of vegetable oils as dielectric fluids for electrical discharge machining. A case study
Maria-Crina Radu ... Oana Ghiorghe
Heliyon | VOL. 10
Maria-Crina Radu, et. al.Maria-Crina Radu ... Oana Ghiorghe
01 Jun 2024
View more papers