A Proxy-Based Solution for Securiting Remote Desktop Connections in Mission-Critical Systems

Ron Bitton ; Clint Feher ; Yuval Elovici ; Asaf Shabtai ; Gaby Shugol ; Raz Tikochinski ; Shachar Kur

2017 IEEE 18th International Symposium on High Assurance Systems Engineering (HASE).

Remote desktop protocols (RDPs) are used for connecting and interacting with computers remotely. In recent years, we have witnessed a number of vulnerabilities identified in two widely used remote desktop implementations, Microsoft Remote Desktop and RealVNC, that may expose the connected systems to a new attack vector. Such vulnerabilities are particularly concerning when it comes to mission-critical systems in which a client device with a low trust level connects to the critical system via a remote desktop server. In this preliminary study we propose a proxy-based solution that applies various modules, each of which mitigates a different type of threat, in order to secure remote desktop connections used in missioncritical systems.