Exploring Attack Paths Using Graph Theory: Case - Microsoft Entra ID Pass-Through Authentication

Nestori Syynimaa

doi:10.5220/0013119100003899

Exploring Attack Paths Using Graph Theory: Case - Microsoft Entra ID Pass-Through Authentication

Nestori Syynimaa

2025

Abstract

Graphs have been used to describe attack paths since the 1990s. They are powerful ways to present complex problems in a relatively simple way. Microsoft Entra ID is an identity and access management (IAM) solution most private and public sector organisations use. As an IAM, it supports multiple authentication methods. One little-researched authentication method is pass-through authentication (PTA). This paper presents the findings of a study researching PTA for novel vulnerabilities. The findings reveal vulnerabilities that enable novel PTA-related attacks, allowing threat actors to gain remote, persistent, and undetectable access to the target organisation’s Entra ID. Threat actors could exploit these vulnerabilities to create backdoors, harvest credentials, and perform DoS attacks. The found attack paths were depicted in the PTA Attack Graph, which is the main contribution of this paper.

Download

Paper Citation

in Harvard Style

Syynimaa N. (2025). Exploring Attack Paths Using Graph Theory: Case - Microsoft Entra ID Pass-Through Authentication. In Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 2: ICISSP; ISBN 978-989-758-735-1, SciTePress, pages 486-492. DOI: 10.5220/0013119100003899

in Bibtex Style

@conference{icissp25,
author={Nestori Syynimaa},
title={Exploring Attack Paths Using Graph Theory: Case - Microsoft Entra ID Pass-Through Authentication},
booktitle={Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 2: ICISSP},
year={2025},
pages={486-492},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013119100003899},
isbn={978-989-758-735-1},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 2: ICISSP
TI - Exploring Attack Paths Using Graph Theory: Case - Microsoft Entra ID Pass-Through Authentication
SN - 978-989-758-735-1
AU - Syynimaa N.
PY - 2025
SP - 486
EP - 492
DO - 10.5220/0013119100003899
PB - SciTePress