Biblio

Managing and storing big data is non-trivial for traditional relational databases (RDBMS). Therefore, the NoSQL (Not Only SQL) database management system emerged. It is ca-pable of handling the vast amount and the heterogeneity of data. In this research, we are interested in one of its trending types, the graph database, namely, the Directed Property Graph (DPG). This type of database is powerful in dealing with complex relationships (\$\textbackslashmathrme.\textbackslashmathrmg\$., social networks). However, its sen-sitive and private data must be protected against unauthorized access. This research proposes a security model that aims at exploiting and combining the benefits of Access Control, View-Based, and Query-Rewriting approaches. This is a novel combination for securing DPG.

The Activity and Event Network (AEN) graph is a new framework that allows modeling and detecting intrusions by capturing ongoing security-relevant activity and events occurring at a given organization using a large time-varying graph model. The graph is generated by processing various network security logs, such as network packets, system logs, and intrusion detection alerts. In this paper, we show how known attack methods can be captured generically using attack fingerprints based on the AEN graph. The fingerprints are constructed by identifying attack idiosyncrasies under the form of subgraphs that represent indicators of compromise (IOes), and then encoded using Property Graph Query Language (PGQL) queries. Among the many attack types, three main categories are implemented as a proof of concept in this paper: scanning, denial of service (DoS), and authentication breaches; each category contains its common variations. The experimental evaluation of the fingerprints was carried using a combination of intrusion detection datasets and yielded very encouraging results.

With the development of globalization, more and more enterprises are involved in the supply chain network with increasingly complex structure. In this paper, enterprises and relations in the logistics network are abstracted as nodes and edges of the complex network. A graph model for a supply chain network to specified industry is constructed, and the Neo4j graph database is employed to store the graph data. This paper uses the theoretical research tool of complex network to model and analyze the supply chain, and designs a supply chain network evaluation system which include static and dynamic measurement indexes according to the statistical characteristics of complex network. In this paper both the static and dynamic resilience characteristics of the the constructed supply chain network are evaluated from the perspective of complex network. The numeric experimental simulations are conducted for validation. This research has practical and theoretical significance for enterprises to make strategies to improve the anti-risk capability of supply chain network based on logistics network information.

Graph pattern matching is one of the most fundamental problems in graph database and is associated with a wide spectrum of applications. Due to its computational intensiveness, researchers have primarily devoted their efforts to improving the performance of the algorithm while constraining the graphs to have singular labels on vertices (edges) or no label. Whereas in practice graphs are typically associated with rich properties, thus the main focus in the industry is instead on powerful query languages that can express a sufficient number of pattern matching scenarios. We demo PatMat in this work to glue together the academic efforts on performance and the industrial efforts on expressiveness. To do so, we leverage the state-of-the-art join-based algorithms in the distributed contexts and Cypher query language - the most widely-adopted declarative language for graph pattern matching. The experiments demonstrate how we are capable of turning complex Cypher semantics into a distributed solution with high performance.

In this paper, we present a framework for graph-based representation of relation between sensors and alert types in a security alert sharing platform. Nodes in a graph represent either sensors or alert types, while edges represent various relations between them, such as common type of reported alerts or duplicated alerts. The graph is automatically updated, stored in a graph database, and visualized. The resulting graph will be used by network administrators and security analysts as a visual guide and situational awareness tool in a complex environment of security alert sharing.

The Web today is a growing universe of pages and applications teeming with interactive content. The security of such applications is of the utmost importance, as exploits can have a devastating impact on personal and economic levels. The number one programming language in Web applications is PHP, powering more than 80% of the top ten million websites. Yet it was not designed with security in mind and, today, bears a patchwork of fixes and inconsistently designed functions with often unexpected and hardly predictable behavior that typically yield a large attack surface. Consequently, it is prone to different types of vulnerabilities, such as SQL Injection or Cross-Site Scripting. In this paper, we present an interprocedural analysis technique for PHP applications based on code property graphs that scales well to large amounts of code and is highly adaptable in its nature. We implement our prototype using the latest features of PHP 7, leverage an efficient graph database to store code property graphs for PHP, and subsequently identify different types of Web application vulnerabilities by means of programmable graph traversals. We show the efficacy and the scalability of our approach by reporting on an analysis of 1,854 popular open-source projects, comprising almost 80 million lines of code.

The Internet of Things(IoT) has become a popular technology, and various middleware has been proposed and developed for IoT systems. However, there have been few studies on the data management of IoT systems. In this paper, we consider graph database models for the data management of IoT systems because these models can specify relationships in a straightforward manner among entities such as devices, users, and information that constructs IoT systems. However, applying a graph database to the data management of IoT systems raises issues regarding distribution and security. For the former issue, we propose graph database operations integrated with REST APIs. For the latter, we extend a graph edge property by adding access protocol permissions and checking permissions using the APIs with authentication. We present the requirements for a use case scenario in addition to the features of a distributed graph database for IoT data management to solve the aforementioned issues, and implement a prototype of the graph database.