Visible to the public Biblio

Filters: Keyword is dynamic graph  [Clear All Filters]
2023-04-14
Ghaffaripour, Shadan, Miri, Ali.  2022.  Parasite Chain Attack Detection in the IOTA Network. 2022 International Wireless Communications and Mobile Computing (IWCMC). :985–990.
Distributed ledger technologies (DLTs) based on Directed Acyclic Graphs (DAGs) have been gaining much attention due to their performance advantage over the traditional blockchain. IOTA is an example of DAG-based DLT that has shown its significance in the Internet of Things (IoT) environment. Despite that, IOTA is vulnerable to double-spend attacks, which threaten the immutability of the ledger. In this paper, we propose an efficient yet simple method for detecting a parasite chain, which is one form of attempting a double-spend attack in the IOTA network. In our method, a score function measuring the importance of each transaction in the IOTA network is employed. Any abrupt change in the importance of a transaction is reflected in the 1st and 2nd order derivatives of this score function, and therefore used in the calculation of an anomaly score. Due to how the score function is formulated, this anomaly score can be used in the detection of a particular type of parasite chain, characterized by sudden changes in the in-degree of a transaction in the IOTA graph. The experimental results demonstrate that the proposed method is accurate and linearly scalable in the number of edges in the network.
ISSN: 2376-6506
2022-01-10
Thomas, Diya.  2021.  A Graph-based Approach to Detect DoB Attack. 2021 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events (PerCom Workshops). :422–423.
Wireless sensor networks (WSNs) are underlying network infrastructure for a variety of surveillance applications. The network should be tolerant of unexpected failures of sensor nodes to meet the Quality of Service (QoS) requirements of these applications. One major cause of failure is active security attacks such as Depletion-of-Battery (DoB) attacks. This paper model the problem of detecting such attacks as an anomaly detection problem in a dynamic graph. The problem is addressed by employing a cluster ensemble approach called the K-Means Spectral and Hierarchical ensemble (KSH) approach. The experimental result shows that KSH detected DoB attacks with better accuracy when compared to baseline approaches.
2020-07-03
Jia, Guanbo, Miller, Paul, Hong, Xin, Kalutarage, Harsha, Ban, Tao.  2019.  Anomaly Detection in Network Traffic Using Dynamic Graph Mining with a Sparse Autoencoder. 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :458—465.

Network based attacks on ecommerce websites can have serious economic consequences. Hence, anomaly detection in dynamic network traffic has become an increasingly important research topic in recent years. This paper proposes a novel dynamic Graph and sparse Autoencoder based Anomaly Detection algorithm named GAAD. In GAAD, the network traffic over contiguous time intervals is first modelled as a series of dynamic bipartite graph increments. One mode projection is performed on each bipartite graph increment and the adjacency matrix derived. Columns of the resultant adjacency matrix are then used to train a sparse autoencoder to reconstruct it. The sum of squared errors between the reconstructed approximation and original adjacency matrix is then calculated. An online learning algorithm is then used to estimate a Gaussian distribution that models the error distribution. Outlier error values are deemed to represent anomalous traffic flows corresponding to possible attacks. In the experiment, a network emulator was used to generate representative ecommerce traffic flows over a time period of 225 minutes with five attacks injected, including SYN scans, host emulation and DDoS attacks. ROC curves were generated to investigate the influence of the autoencoder hyper-parameters. It was found that increasing the number of hidden nodes and their activation level, and increasing sparseness resulted in improved performance. Analysis showed that the sparse autoencoder was unable to encode the highly structured adjacency matrix structures associated with attacks, hence they were detected as anomalies. In contrast, SVD and variants, such as the compact matrix decomposition, were found to accurately encode the attack matrices, hence they went undetected.