Authors: Sai Raghu Ram Gummadidala
Abstract: The rapid adoption of hybrid cloud ecosystems that combine Software as a Service (SaaS), Infrastructure as a Service (IaaS) and on-premise infrastructure has significantly increased the complexity of enterprise networks. Integration between the components of this ecosystem creates serious security concerns, including uncontrolled connectivity, shadow networking, lateral movement attacks, covert communication via APIs and low visibility. Current perimeter-based security models cannot provide the level of protection that cloud infrastructures require, because they rely on implicit trust and lack real-time monitoring. The objective of this paper is to propose a Zero Trust Shadow Networking Detection Framework that identifies the risk of hidden communications within hybrid cloud ecosystems. The proposed framework relies on trust evaluation, adaptive anomaly detection, microsegmentation, behavior analysis and machine-learning-based threat monitoring to protect communications across SaaS, IaaS and on-premise infrastructure. A dynamic connectivity graph is built to evaluate communication links and identify hidden channels. Mathematical trust modeling and risk propagation analysis are introduced to increase threat detection efficiency and minimize unauthorized access. Experimental evaluation based on simulated hybrid cloud traffic conditions shows that the presented framework outperforms conventional firewalls, virtual private networks and other Zero Trust frameworks in detection efficiency, reduction of false positives, threat response, prevention of lateral movement and mitigation of network risk.
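To make the connectivity-graph and risk-propagation ideas in the abstract concrete, the following is an added illustration, not code from the paper or its authors. It assumes a minimal model of the framework: flow records are aggregated into a directed connectivity graph, every edge is checked against an explicit microsegmentation allowlist keyed on (source segment, destination segment, port), edges absent from the allowlist are reported as shadow links, and a simple max-decay risk propagation lowers the trust of every node reachable from the source of a shadow link. All hosts, segments, policy rows, flow records and the decay and threshold constants are constructed for this example.

```python
# Added illustration of a connectivity-graph based shadow-link detector with
# risk propagation. Hosts, segments, policy and flows below are constructed
# sample data, not data from the paper.

# Constructed host -> microsegment mapping spanning on-prem, IaaS and SaaS.
SEGMENTS = {
    "10.0.1.10": "onprem-db",
    "10.0.2.20": "onprem-app",
    "172.16.0.5": "iaas-web",
    "172.16.0.9": "iaas-batch",
    "saas-crm.example": "saas-crm",
}

# Constructed allowlist: (source segment, destination segment, dport).
# Anything not listed is, under Zero Trust, denied and worth investigating.
POLICY = {
    ("iaas-web", "onprem-app", 8443),
    ("onprem-app", "onprem-db", 5432),
    ("onprem-app", "saas-crm", 443),
}

# Constructed flow records: (src, dst, dport, bytes).
# The last two bypass the application tier and talk to the database and the
# SaaS API directly, i.e. shadow connectivity the policy never approved.
FLOWS = [
    ("172.16.0.5", "10.0.2.20", 8443, 12_000),
    ("10.0.2.20", "10.0.1.10", 5432, 80_000),
    ("10.0.2.20", "saas-crm.example", 443, 4_000),
    ("172.16.0.9", "10.0.1.10", 5432, 250_000),
    ("172.16.0.9", "saas-crm.example", 443, 900),
]


def build_graph(flows):
    """Aggregate flows into a directed graph: {src: {(dst, dport): total_bytes}}.

    Every destination is registered as a node too, so risk can be assigned to
    hosts that only ever receive traffic.
    """
    graph = {}
    for src, dst, dport, nbytes in flows:
        graph.setdefault(src, {})
        graph.setdefault(dst, {})
        graph[src][(dst, dport)] = graph[src].get((dst, dport), 0) + nbytes
    return graph


def find_shadow_edges(graph, segments, policy):
    """Return (src, dst, dport) edges whose segment-level tuple is not allowlisted."""
    shadow = []
    for src, edges in graph.items():
        for (dst, dport) in edges:
            key = (segments.get(src, "unknown"), segments.get(dst, "unknown"), dport)
            if key not in policy:
                shadow.append((src, dst, dport))
    return sorted(shadow)


def propagate_risk(graph, shadow_edges, per_edge=0.5, decay=0.5):
    """Seed risk on sources of shadow edges, then spread it downstream.

    Each shadow edge adds `per_edge` risk to its source (capped at 1.0). Risk
    then flows along every edge with multiplicative `decay`, taking the max at
    each node, so a host reachable from a risky host inherits part of its risk.
    """
    risk = {node: 0.0 for node in graph}
    for src, _dst, _dport in shadow_edges:
        risk[src] = min(1.0, risk[src] + per_edge)
    # Fixed-point iteration; each round extends propagation by one hop, so
    # len(graph) rounds is an upper bound on what is needed.
    for _ in range(len(graph)):
        changed = False
        for src, edges in graph.items():
            for (dst, _dport) in edges:
                candidate = decay * risk[src]
                if candidate > risk[dst]:
                    risk[dst] = candidate
                    changed = True
        if not changed:
            break
    return risk


def trust_scores(risk):
    """Trust is the complement of propagated risk, on a 0..1 scale."""
    return {node: round(1.0 - r, 3) for node, r in risk.items()}


def flag_low_trust(trust, threshold=0.6):
    """Nodes whose trust fell below the threshold and should be stepped up or isolated."""
    return sorted(node for node, t in trust.items() if t < threshold)


if __name__ == "__main__":
    g = build_graph(FLOWS)
    shadow = find_shadow_edges(g, SEGMENTS, POLICY)
    risk = propagate_risk(g, shadow)
    trust = trust_scores(risk)
    print("shadow edges:", shadow)
    print("trust:", trust)
    print("flag for verification/isolation:", flag_low_trust(trust))
```

The detector is deliberately policy-driven rather than learned: a link is shadow connectivity when no approved segment-to-segment rule explains it, which is the allowlist posture microsegmentation implies. Risk propagation then captures the lateral-movement concern from the abstract: the database host never initiated anything unusual, but because an unapproved peer reaches it, its trust drops and it is surfaced alongside the offending source.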