Paper

Author: Nestori Syynimaa

Affiliation: Principal Identity Researcher, Microsoft, Threat Intelligence Center, Faculty of Information Technology, University of Jyväskylä, Jyväskylä, Finland

Keyword(s): Graph Theory, Entra ID, Attack Paths, Authentication.

Abstract: Graphs have been used to describe attack paths since the 1990s. They are powerful ways to present complex problems in a relatively simple way. Microsoft Entra ID is an identity and access management (IAM) solution most private and public sector organisations use. As an IAM, it supports multiple authentication methods. One little-researched authentication method is pass-through authentication (PTA). This paper presents the findings of a study researching PTA for novel vulnerabilities. The findings reveal vulnerabilities that enable novel PTA-related attacks, allowing threat actors to gain remote, persistent, and undetectable access to the target organisation’s Entra ID. Threat actors could exploit these vulnerabilities to create backdoors, harvest credentials, and perform DoS attacks. The found attack paths were depicted in the PTA Attack Graph, which is the main contribution of this paper.

CC BY-NC-ND 4.0

Paper citation in several formats:
Syynimaa, N. (2025). Exploring Attack Paths Using Graph Theory: Case - Microsoft Entra ID Pass-Through Authentication. In Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 2: ICISSP; ISBN 978-989-758-735-1; ISSN 2184-4356, SciTePress, pages 486-492. DOI: 10.5220/0013119100003899

@conference{icissp25,
author={Nestori Syynimaa},
title={Exploring Attack Paths Using Graph Theory: Case - Microsoft Entra ID Pass-Through Authentication},
booktitle={Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 2: ICISSP},
year={2025},
pages={486-492},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013119100003899},
isbn={978-989-758-735-1},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 11th International Conference on Information Systems Security and Privacy - Volume 2: ICISSP
TI - Exploring Attack Paths Using Graph Theory: Case - Microsoft Entra ID Pass-Through Authentication
SN - 978-989-758-735-1
IS - 2184-4356
AU - Syynimaa, N.
PY - 2025
SP - 486
EP - 492
DO - 10.5220/0013119100003899
PB - SciTePress