Hypergraph Analytics of Domain Name System Relationships

We report on the use of novel mathematical methods in hypergraph analytics over a large quantity of DNS data. Hypergraphs generalize graphs, as used in network science, to better model the complex multiway relations found in cyber data. Specifically, casting DNS data from Georgia Tech’s ActiveDNS repository as hypergraphs allows us to fully represent the interactions between collections of domains and IP addresses. To facilitate large-scale analytics, we fielded an analytical pipeline with two components. On the front end, HyperNetX (HNX) is a Python package for the exploration and visualization of hypergraphs. On the back end, the Chapel HyperGraph Library (CHGL) is a library for high-performance hypergraph analytics written in the exascale programming language Chapel. CHGL was used to process gigascale DNS data, performing compute-intensive calculations for data reduction and segmentation. The identified portions were then sent to HNX for both exploratory analysis and knowledge discovery targeting known tactics, techniques, and procedures.
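To make the hypergraph framing concrete, the following is a minimal sketch in plain Python of how domain-to-IP records might be cast as a hypergraph. It is an illustration under stated assumptions, not the HNX or CHGL API: the records are made up (using documentation-reserved names and addresses), the choice of domains as hyperedges and IP addresses as vertices is an assumption, and the helper names `build_hypergraph`, `dual`, and `s_adjacent_pairs` are hypothetical.

```python
from collections import defaultdict
from itertools import combinations

# Hypothetical (domain, IP) resolution records; not real ActiveDNS data.
records = [
    ("a.example", "192.0.2.1"),
    ("a.example", "192.0.2.2"),
    ("b.example", "192.0.2.2"),
    ("b.example", "192.0.2.3"),
    ("c.example", "198.51.100.7"),
]


def build_hypergraph(pairs):
    """Map each domain (hyperedge) to the set of IPs (vertices) it resolves to."""
    edges = defaultdict(set)
    for domain, ip in pairs:
        edges[domain].add(ip)
    return dict(edges)


def dual(edges):
    """Swap roles: map each IP to the set of domains that resolve to it."""
    flipped = defaultdict(set)
    for name, members in edges.items():
        for vertex in members:
            flipped[vertex].add(name)
    return dict(flipped)


def s_adjacent_pairs(edges, s=1):
    """Return pairs of hyperedges sharing at least s vertices, with the overlap size."""
    result = {}
    for a, b in combinations(sorted(edges), 2):
        overlap = len(edges[a] & edges[b])
        if overlap >= s:
            result[(a, b)] = overlap
    return result


hypergraph = build_hypergraph(records)      # domain -> set of IPs
ip_view = dual(hypergraph)                  # IP -> set of domains
shared = s_adjacent_pairs(hypergraph, s=1)  # domain pairs sharing an IP
```

Unlike an ordinary graph, each hyperedge here holds a whole set of IP addresses at once, so a domain that resolves to many addresses remains a single object. Raising `s` keeps only domain pairs with larger overlaps, which is one simple way to filter data before closer inspection.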
