A Security Assessment Mechanism Based on the Digital Twin and Betweenness Analysis in an Active Directory Environment
Keywords:
Digital Twin, Cybersecurity, Betweenness Centrality, Risk Assessment, Graph Analysis, Critical Nodes, Security Score
Abstract
This study analyzes the Active Directory environment using the graph database Neo4j. Betweenness centrality was calculated for each node, and the impact of removing nodes with the highest betweenness was examined. Active Directory is a core component of an organization’s infrastructure, managing users, groups, organizational units, and various resources.
Understanding the structure of this environment is essential for enhancing cybersecurity and reducing potential risks. The results showed that removing nodes with high betweenness leads to a redistribution of paths within the environment, increasing the betweenness of the remaining nodes. However, this effect was not linear. It was observed that some nodes experienced a greater increase in betweenness when a centrally located node with lower betweenness was removed compared to the removal of a node with higher betweenness. This indicates that some nodes, which may appear non-central, gain significance when main nodes are removed, regardless of the ranking of those main nodes by betweenness.
Based on these findings, a security assessment mechanism was proposed that combines betweenness and the security weights of the nodes. This provides a more accurate classification of critical points within the environment and contributes to improving cybersecurity policies.
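The removal experiment described in the abstract can be reproduced on a small graph. The following Python sketch is an added example, not code from the study: it computes betweenness with Brandes' algorithm and reports how each remaining node's value changes when one node is deleted. The graph, the node names and the function names `build`, `betweenness` and `removal_impact` are constructed for illustration, and the graph is assumed to be undirected and unweighted.

```python
from collections import deque

# Constructed sample graph (not data from the study): undirected links between AD objects.
EDGES = [("alice", "HelpDesk"), ("bob", "HelpDesk"), ("HelpDesk", "SRV1"),
         ("HelpDesk", "SRV2"), ("SRV1", "DomainAdmins"), ("SRV2", "DomainAdmins"),
         ("DomainAdmins", "DC1")]

def build(edges, removed=None):
    """Adjacency map of the graph, optionally without one node and its edges."""
    adj = {n: set() for e in edges for n in e if n != removed}
    for a, b in edges:
        if a in adj and b in adj:
            adj[a].add(b); adj[b].add(a)
    return adj

def betweenness(adj):
    """Unnormalized betweenness centrality (Brandes' algorithm, BFS per source)."""
    bc = dict.fromkeys(adj, 0.0)
    for s in adj:
        order, preds = [], {v: [] for v in adj}
        sigma = dict.fromkeys(adj, 0)   # number of shortest paths from s
        sigma[s] = 1
        dist, queue = {s: 0}, deque([s])
        while queue:
            v = queue.popleft(); order.append(v)
            for w in adj[v]:
                if w not in dist:
                    dist[w] = dist[v] + 1; queue.append(w)
                if dist[w] == dist[v] + 1:
                    sigma[w] += sigma[v]; preds[w].append(v)
        delta = dict.fromkeys(adj, 0.0)
        for w in reversed(order):       # accumulate dependencies, farthest node first
            for v in preds[w]:
                delta[v] += sigma[v] / sigma[w] * (1 + delta[w])
            if w != s:
                bc[w] += delta[w]
    return {v: b / 2 for v, b in bc.items()}  # each undirected pair was counted twice

def removal_impact(edges, removed):
    """Change in betweenness of every remaining node after deleting `removed`."""
    before = betweenness(build(edges))
    after = betweenness(build(edges, removed))
    return {n: after[n] - before[n] for n in after}

if __name__ == "__main__":
    print(sorted(betweenness(build(EDGES)).items(), key=lambda kv: -kv[1]))
    for node in ("HelpDesk", "DomainAdmins", "SRV1"):
        print(node, removal_impact(EDGES, node))
```

In this constructed graph, deleting the lower-ranked SRV1 doubles the betweenness of SRV2, while deleting the top-ranked HelpDesk does not raise it at all, which is the kind of non-linear effect the abstract reports.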