Characterization of Evolving Networks for Cybersecurity

The process of network evolution presents an interesting problem: it describes shifts in the behavior of a network structure. The widespread use of computer networks creates a need to drill down and analyze behavior at various levels to get a tangible perspective on the shifts that may take place in a computer network. However, with cyber attacks becoming increasingly sophisticated, one of the key challenges is knowing whether there is even an attack on the network in the first place. This is mainly due to the overwhelming size and dynamism of evolving network structures, which pose a big data problem. This chapter discusses graph theory concepts for modeling network behavior and then uses analytics to understand the dynamics of the network. For example, techniques such as graph sampling play an important role in identifying potential cyber threats that may not be detected on a larger scale. Additionally, determining micro-level characteristics associated with key network features such as node centrality, and macro-level characteristics associated with fundamental network properties such as densification and diameter, is critical in characterizing changes in network behavior over time that may be the result of a cyber threat. Therefore, to define and understand the vulnerabilities associated with the network, one must understand the overall structure and nature of communication patterns within the network as well as the potential points of vulnerability.
