FIELD: information technologies.
SUBSTANCE: data gathering application is executed in a target system. Various data is collected, which indicates privileges escalation routes, including data of user accounts, file resolving data and system register data. Collected data is analysed in compliance with heuristics. System accounts are displayed as nodes on a graph. Detected privileges escalation between accounts are displayed as ribs between their appropriate accounts. A user may tune the displayed graph to focus on certain target accounts and categories of privileges escalation.
EFFECT: increased validity of detecting authority abuse in the system.
15 cl, 9 dwg
| Title | Year | Author | Number |
|---|---|---|---|
| METHOD AND SYSTEM FOR PREVENTING UNAUTHORIZED ACCESS TO CORPORATE NETWORK OBJECTS | 2022 |
|
RU2799117C1 |
| METHOD AND SYSTEM FOR PREVENTING COMPROMISE OF NETWORK INFRASTRUCTURE OBJECTS IN FREEIPA DIRECTORY SERVICE | 2023 |
|
RU2826430C1 |
| STRATEGIES TO STUDY VULNERABILITIES AND TO SUPPRESS VULNERABILITIES CAUSED BY CAPTURING ACCOUNT DATA | 2007 |
|
RU2462753C2 |
| PRINTED RELAYING SYSTEM, IMAGER, SYSTEM CONTROL METHOD AND PROGRAMME | 2011 |
|
RU2552148C2 |
| NATIVE APPLICATION CONTENT VERIFICATION | 2015 |
|
RU2679959C2 |
| STABLE AUTHORISATION CONTEXT BASED ON EXTERNAL IDENTIFICATION | 2008 |
|
RU2390838C2 |
| PRIVILEGES MANAGEMENT SYSTEM AND METHOD | 2018 |
|
RU2718977C1 |
| METHOD OF ANALYSING AND DETECTING MALICIOUS INTERMEDIATE NODES IN NETWORK | 2012 |
|
RU2495486C1 |
| TECHNOLOGIES FOR PROVIDING NETWORK SECURITY THROUGH DYNAMICALLY ALLOCATED ACCOUNTS | 2015 |
|
RU2691211C2 |
| VERIFICATION OF OWN APPLICATION CONTENT | 2015 |
|
RU2713608C2 |
