Enhancing Security of Intelligent Systems and Critical Infrastructure through Mitigation of Defense Evasion Techniques
DAVID ABIANDU
Co-Presenters: Individual Presentation
College: Hennings College of Science Mathematics and Technology
Major: BS.COMPSCI/CYBERS
Faculty Research Mentor: Olowononi, Felix
Abstract:
Title: Enhancing the Security of Intelligent Systems and Critical Infrastructures through the Mitigation of Defense Evasion Techniques
Author: David C. Abiandu, Henning's College of Science Mathematics and Technology, Kean University
Abstract:
Intelligent systems and critical infrastructures face rising threats from modern adversaries who use advanced defense evasion techniques to bypass traditional firewalls and endpoint detection and response (EDR) systems. These vulnerabilities pose immense risks to national security, public health, and economic stability. High-profile attacks like Stuxnet and NotPetya have shown how current defenses can be circumvented, especially with the growing use of artificial intelligence by attackers.

To understand these challenges, a virtual lab/network environment was used to simulate and test common defense evasion methods, including static port forwarding, dynamic SOCKS proxies, and VPN-based tunneling. To address these problems, a multi-layered mitigation strategy was implemented in the virtual network. This included hardened iptables firewall rules, a decryption proxy using mitmproxy, an IDS/IPS system using Snort with custom rules, and the early-stage development of an EDR system. Although the EDR prototype was not fully implemented during the testing phase due to time and resource constraints, its design lays the groundwork for host-level monitoring that will support the network-layer defenses already verified. Attack analysis was mapped using the MITRE ATT&CK framework to connect each evasion technique with its corresponding defense. The behaviors observed during the analysis include proxy listening, interface tunneling, and NAT-based masquerading.
Results showed that single-layer defenses were bypassed under the simulated conditions, while a layered-defense approach, combining network-level and endpoint-level controls, significantly improved detection and containment. This study supports the implementation of a proactive, multi-layered defense architecture to more effectively protect critical infrastructure against evasive cyber threats and potential attacks. By simulating attack scenarios and highlighting how layered defenses respond, this research contributes both practical insights and reproducible models for evaluating security controls. Future work will focus on the EDR system, expanding the range of detection to include host-level telemetry, and testing the architecture in cloud and IoT environments. These findings can help inform the development of security operations center tools and regulations for protecting critical infrastructures in both national and enterprise contexts.
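The abstract names three observed behaviors (proxy listening, interface tunneling, NAT-based masquerading) and a planned host-level EDR layer that would detect them. The following is an added illustration, not code from the study or its lab: a small Python host-telemetry check that reads `ss -ltnp`-style listener output, the interface list, and `iptables -t nat -S`-style rules, flags each of the three behaviors against an allowlist of what the host is expected to run, and tags every finding with a MITRE ATT&CK technique ID. The sample telemetry, the allowlists, and the technique mapping (T1090 Proxy for listeners and masquerading, T1572 Protocol Tunneling for tunnel interfaces) are all my own constructions and assumptions, not values taken from the study.

```python
"""Host-level checks for the three evasion behaviours named in the abstract.

Added example: parses constructed telemetry (not captured from the study's
lab) and returns Finding records that an EDR agent could forward to a SOC.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Listener:
    addr: str
    port: int
    process: str
    pid: int


@dataclass(frozen=True)
class Finding:
    behaviour: str   # one of the three behaviours named in the abstract
    technique: str   # MITRE ATT&CK technique ID (my mapping, an assumption)
    detail: str


# ---- Constructed sample telemetry (assumed formats: ss -ltnp, iptables -t nat -S) ----
SS_OUTPUT = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port  Process
LISTEN  0       128     0.0.0.0:22           0.0.0.0:*          users:(("sshd",pid=812,fd=3))
LISTEN  0       128     127.0.0.1:1080       0.0.0.0:*          users:(("ssh",pid=4411,fd=5))
LISTEN  0       511     0.0.0.0:80           0.0.0.0:*          users:(("nginx",pid=900,fd=6))
"""

IPTABLES_NAT = """\
-P PREROUTING ACCEPT
-P POSTROUTING ACCEPT
-A POSTROUTING -o eth0 -j MASQUERADE
"""

INTERFACES = ["lo", "eth0", "tun0"]

# Constructed allowlist: the (process, port) pairs this host is supposed to serve.
EXPECTED_LISTENERS = frozenset({("sshd", 22), ("nginx", 80)})

LISTEN_RE = re.compile(
    r'^LISTEN\s+\d+\s+\d+\s+(?P<local>\S+)\s+\S+\s+users:\(\("(?P<proc>[^"]+)",pid=(?P<pid>\d+)'
)
TUNNEL_IFACE_RE = re.compile(r"^(tun|tap|wg|ppp)\d+$")
MASQ_RE = re.compile(r"-j\s+(MASQUERADE|SNAT)\b")


def parse_listeners(ss_text: str) -> list[Listener]:
    """Turn `ss -ltnp` output into Listener records; header and non-LISTEN lines are skipped."""
    listeners = []
    for line in ss_text.splitlines():
        m = LISTEN_RE.match(line.strip())
        if not m:
            continue
        addr, port = m.group("local").rsplit(":", 1)   # handles [::]:22 as well
        listeners.append(Listener(addr, int(port), m.group("proc"), int(m.group("pid"))))
    return listeners


def find_proxy_listeners(listeners: list[Listener], expected=EXPECTED_LISTENERS) -> list[Finding]:
    """Any listening socket not on the allowlist is reported as a possible proxy/forwarder."""
    return [
        Finding("proxy listening", "T1090",
                f"{l.process}[{l.pid}] listening on {l.addr}:{l.port} is not an expected service")
        for l in listeners if (l.process, l.port) not in expected
    ]


def find_tunnel_interfaces(interfaces: list[str], approved=frozenset()) -> list[Finding]:
    """Tunnel-class interfaces (tun/tap/wg/ppp) that are up but not approved for this host."""
    return [
        Finding("interface tunneling", "T1572", f"tunnel interface {i} is up but not approved")
        for i in interfaces if TUNNEL_IFACE_RE.match(i) and i not in approved
    ]


def find_masquerade_rules(nat_rules_text: str, host_is_gateway: bool = False) -> list[Finding]:
    """Source-rewriting NAT rules are expected only on a designated gateway."""
    if host_is_gateway:
        return []
    return [
        Finding("NAT-based masquerading", "T1090",
                f"nat rule rewrites source addresses: {line.strip()}")
        for line in nat_rules_text.splitlines() if MASQ_RE.search(line)
    ]


def analyze(ss_text: str, interfaces: list[str], nat_rules_text: str,
            approved_ifaces=frozenset(), host_is_gateway: bool = False) -> list[Finding]:
    """Run all three checks and return findings in the order the abstract lists the behaviours."""
    return (find_proxy_listeners(parse_listeners(ss_text))
            + find_tunnel_interfaces(interfaces, approved_ifaces)
            + find_masquerade_rules(nat_rules_text, host_is_gateway))


if __name__ == "__main__":
    for f in analyze(SS_OUTPUT, INTERFACES, IPTABLES_NAT):
        print(f"[{f.technique}] {f.behaviour}: {f.detail}")
```

On the constructed telemetry this reports three findings: the `ssh` client listening on 127.0.0.1:1080, the unapproved `tun0` interface, and the POSTROUTING MASQUERADE rule. The allowlist approach is deliberate: matching on a fixed list of "proxy ports" misses a forwarder bound to an arbitrary port, whereas flagging every listener the host is not expected to serve catches it regardless of port, at the cost of a one-time inventory of legitimate services.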