Abstract
The ongoing Russia-Ukraine war has inflicted severe damage on both the geographical and the cyber landscape of Ukraine. The cyberspace of Ukraine continues to be degraded by deliberate physical and cyber warfare. Recent research shows that the degradation of the Ukrainian network correlated with the presence of Russian troops in the region and deliberate attempts of defacement attacks on certain Ukrainian websites. In this work, we examine the Ukrainian IP space by actively scanning for critical infrastructure on two protocols and observe the degradation caused by the war. We follow a measurement-based approach to map the timeline and characterize the impact by performing an analysis with a correlation of multiple datasets that include newsfeeds, disclosures from Ukrainian CERT, and NGOs. Furthermore, we correlate the data from our scans with the open datasets from Internet scanning services to discover misconfigured services and identify them using passive fingerprinting techniques. As a part of ethical considerations and responsible disclosure, we deliver our findings to the respective authorities in Ukraine through collaboration with an NGO to prevent further exploitation of misconfigured services.
Originalsprog | Engelsk |
---|---|
Titel | 2023 7th Network Traffic Measurement and Analysis Conference (TMA) |
Forlag | IEEE |
Publikationsdato | 1 jul. 2023 |
Artikelnummer | 10199005 |
ISBN (Elektronisk) | 9783903176584 |
DOI | |
Status | Udgivet - 1 jul. 2023 |
Begivenhed | 2023 7th Network Traffic Measurement and Analysis Conference (TMA) - Naples, Italien Varighed: 26 jun. 2023 → 29 jun. 2023 |
Konference
Konference | 2023 7th Network Traffic Measurement and Analysis Conference (TMA) |
---|---|
Land/Område | Italien |
By | Naples |
Periode | 26/06/2023 → 29/06/2023 |