Real-Time Lateral Movement Detection Based on Evidence Reasoning Network for Edge Computing Environment

TLDR

Edge computing offers advanced intelligent services at the network edge, but the dissociation of data, access control, and service stages in edge AI exacerbates cloud security risks. The study aims to reduce backhaul impacts, improve user experience, and prevent lateral movement attacks in edge‑cloud environments by proposing the CloudSEC detection method. The method constructs an evidence reasoning network using vulnerability correlation and network environmental data to reason lateral movement paths. Experiments demonstrate that CloudSEC enables rapid, effective evidence investigation and real‑time attack detection.

Abstract

Edge computing provides high-class intelligent services and computing capabilities at the edge of the networks. The aim is to ease the backhaul impacts and offer an improved user experience. However, the edge artificial intelligence exacerbates the security of the cloud computing environment due to the dissociation of data, access control, and service stages. In order to prevent users from carrying out lateral movement attacks in an edge-cloud computing environment, in this paper we propose a real-time lateral movement detection method, named CloudSEC, based on an evidence reasoning network for the edge-cloud environment. First, the concept of vulnerability correlation is introduced. Based on the vulnerability knowledge and environmental information of the network system, the evidence reasoning network is constructed, and the lateral movement reasoning ability provided by the evidence reasoning network is then used. The experiment results show that CloudSEC provides a strong guarantee for the rapid and effective evidence investigation, as well as real-time attack detection.

References

Page 1

	Year	Citations

Page 1