Information Security Threats and Working from Home Culture: Taxonomy, Risk Assessment and Solutions

Kotak, Jaidip; Habler, Edan; Brodt, Oleg; Shabtai, Asaf; Elovici, Yuval

doi:10.3390/s23084018

Cited by 5 publications

(1 citation statement)

References 44 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, there are constant security threats, such as data exfiltration and the lateral movement of malicious codes, which occur while connected to the corporate network [2]. As a countermeasure, requiring users to install security posture applications at their endpoints is being considered as a prerequisite to accessing VPNs, and they will also be required to check its running status periodically.…”

Section: Introductionmentioning

confidence: 99%

Detecting Risky Authentication Using the OpenID Connect Token Exchange Time

Han,

Lee

2023

Sensors

View full text Add to dashboard Cite

With the rise in sophisticated cyber threats, traditional authentication methods are no longer sufficient. Risk-based authentication (RBA) plays a critical role in the context of the zero trust framework—a paradigm shift that assumes no trust within or outside the network. This research introduces a novel proposal as its core: utilization of the time required by OpenID Connect (OIDC) token exchanges as a new RBA feature. This innovative approach enables the detection of tunneled connections without any intervention from the user’s browser or device. By analyzing the duration of OIDC token exchanges, the system can identify any irregularities that may signify unauthorized access attempts. This approach not only improves upon existing RBA frameworks but is also in alignment with the broader movement toward intelligent and responsive security systems.

show abstract

Section: Introductionmentioning

confidence: 99%