Augmenting Zero Trust Architecture to endpoints using Distributed Ledger Technologies and Blockchain

Alevizos, Charalampos orcid iconORCID: 0000-0002-5891-1718 (2023) Augmenting Zero Trust Architecture to endpoints using Distributed Ledger Technologies and Blockchain. Doctoral thesis, University of Central Lancashire.

[thumbnail of Thesis]
Preview
PDF (Thesis) - Submitted Version
Available under License Creative Commons Attribution Non-commercial.

62MB

Digital ID: http://doi.org/10.17030/uclan.thesis.00039130

Abstract

With the increasing adoption of cloud computing and remote working, traditional perimeter-based security models are no longer sufficient to protect organizations' digital assets. The need for a more robust security framework led to the emergence of Zero Trust Architecture (ZTA), which challenges the notion of inherent trust and emphasizes the importance of verifying endpoints, users, and applications. However, within ZTA, the already authenticated and authorized communication channel on an endpoint poses a critical
vulnerability, making it the Achilles' heel of the architecture [1]. Once compromised, even with valid credentials and authorized access, an endpoint can become a gateway for attackers to move laterally and access sensitive resources. Addressing the vulnerability of endpoints within ZTA is crucial to bolster overall security. By mitigating the risks associated with compromised endpoints, organizations can prevent unauthorized access, privilege escalation, and potential data breaches.

Traditional security measures, such as firewalls, antivirus technologies, and Intrusion Detection and Prevention Systems (IDS/IPS), have become less effective in the face of evolving threats and complex network infrastructures. Perimeter-based security models are gradually being replaced by ZTA, which focuses on identity-based perimeters and continuous verification. To enhance endpoint security within ZTA, this research introduces the Blockchain-enabled Intrusion Detection and Prevention System (BIDPS). By integrating blockchain technology, the BIDPS aims to detect and prevent attacker techniques at an early stage before lateral movement occurs. Furthermore, the BIDPS shifts the trust from compromised endpoints to the immutable and transparent nature of the blockchain, creating an explicit system of trust.

Through a systematic design and development methodology, a prototype of the BIDPS was created. Extensive testing against various Advanced Persistent Threat (APT) attacks
demonstrated the system's high success rate in defending against such attacks. Additionally, novel strategies and performance-enhancing mechanisms were implemented to improve the effectiveness and efficiency of the BIDPS [2]. The BIDPS was evaluated through a combination of observational analysis and A/B testing methodologies. The evaluation confirmed the BIDPS's effectiveness in detecting and preventing malicious activities, as well as its improved performance compared to traditional security measures. The research outcomes validate the viability of the BIDPS as a solution to enhance endpoint security within ZTA. Conclusively, the integration of blockchain technology into ZTA, as exemplified by the BIDPS, offers a promising approach to mitigate the vulnerability of endpoints and reinforce the security of modern IT environments.


Repository Staff Only: item control page