Thursday, May 30, 2013

Graph Applications in Cybersecurity Domain

Large Scale Graph Analytics and Randomized Algorithms for Applications in Cybersecurity
http://dl.acm.org/citation.cfm?id=2459984
http://www.graphanalysis.org/SIAM-CSE13/02_Johnson.pdf

A network hacking attack in which hackers repeatedly steal password hashes and move through a computer network with the goal of reaching a computer with high level administrative privileges is known as a pass-the-hash attack. In this paper we apply graph coarsening on graphs obtained from computer network data for the purpose of (a) detecting hackers using this attack and (b) assessing the risk level of the network's current state. We repeatedly contract edges (obtaining a graph minor), which preserves the existence of paths in the graph, and take powers of the adjacency matrix to count the paths. This allows us to detect the existence of paths as well as find paths that have high risk of being exploited by adversaries.
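The path-counting idea in the abstract above, as an added Python sketch that is not code from the paper: entry (i, j) of the k-th power of the adjacency matrix counts the length-k walks from host i to host j, and contracting an edge keeps every path that already existed. The host names and the edge meaning (credentials found on u can log on to v) are constructed assumptions.

```python
# Constructed sample network: an edge (u, v) means credentials found on u can log on to v.
NODES = ["ws1", "ws2", "srv1", "srv2", "dc"]
EDGES = [("ws1", "srv1"), ("ws2", "srv1"), ("srv1", "srv2"),
         ("ws1", "srv2"), ("srv2", "dc")]

def adjacency(nodes, edges):
    """Build a 0/1 adjacency matrix and a name -> index map."""
    idx = {n: i for i, n in enumerate(nodes)}
    A = [[0] * len(nodes) for _ in nodes]
    for u, v in edges:
        A[idx[u]][idx[v]] = 1
    return A, idx

def mat_mul(X, Y):
    n = len(X)
    return [[sum(X[i][k] * Y[k][j] for k in range(n)) for j in range(n)]
            for i in range(n)]

def walk_counts(nodes, edges, src, dst):
    """Return {k: number of length-k walks src -> dst} for k = 1..n-1.

    (A^k)[src][dst] counts walks; on an acyclic graph these are exactly the
    paths. Any reachable pair has a path of length <= n-1, so an empty
    result means dst cannot be reached from src.
    """
    A, idx = adjacency(nodes, edges)
    P, out = A, {}
    for k in range(1, len(nodes)):
        count = P[idx[src]][idx[dst]]
        if count:
            out[k] = count
        P = mat_mul(P, A)
    return out

def contract(nodes, edges, u, v):
    """Contract edge (u, v): merge v into u, dropping self-loops and duplicates.

    Every path of the original graph survives in the coarse graph, so a
    "no path" answer on the coarse graph also holds for the original.
    The coarse graph may contain extra paths, so hits need re-checking.
    """
    rename = lambda n: u if n == v else n
    new_nodes = [n for n in nodes if n != v]
    new_edges = sorted({(rename(a), rename(b)) for a, b in edges
                        if rename(a) != rename(b)})
    return new_nodes, new_edges

if __name__ == "__main__":
    print(walk_counts(NODES, EDGES, "ws1", "dc"))
    print(walk_counts(*contract(NODES, EDGES, "srv1", "srv2"), "ws1", "dc"))
```
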


W. Eberle and L. Holder. Applying graph-based anomaly detection approaches to the discovery of insider threats. In IEEE International Conference on Intelligence and Security Informatics (ISI), 2009.

D. A. Spielman and N. Srivastava. Graph sparsification by effective resistances. In Proc. 40th Annual ACM Symposium on Theory of Computing, 2008.


S. Jajodia, S. Noel, and B. O'Berry. Topological analysis of network attack vulnerability. In V. Kumar, J. Srivastava, and A. Lazarevic, editors, Managing Cyber Threats: Issues, Approaches and Challenges, pages 248-266. Kluwer Academic Publisher, 2005.


http://vulcan.ee.iastate.edu/~gmani/personal/papers/journals/IEEE-PS-08.pdf

Measuring Security Risk of Networks Using Attack Graphs
http://users.encs.concordia.ca/~wang/papers/ijngc10.pdf

U Kang's Research Goal Statement
http://www.cs.cmu.edu/~ukang/ukang-research.pdf

http://www.eecs.wsu.edu/~holder/pubs/EberleCATCH09.pdf
