Graph coarsening for path finding in cybersecurity graphs

Hogan, Emilie; Johnson, John R.; Halappanavar, Mahantesh

doi:10.1145/2459976.2459984

Cited by 8 publications

(4 citation statements)

References 8 publications

(11 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The work by Ammann et al (2002) demonstrates the use of simple but large graphs in network vulnerability analysis. Perhaps somewhat similar to our research, the work by Hogan et al (2013) shows a method of graph abstraction using graph minors over a path to help predict and detect lateral movement within large networks. Unfortunately, this work did not contain results that enable comparison.…”

Section: Related Worksupporting

confidence: 66%

Authentication graphs: Analyzing user behavior within an enterprise network

Kent¹,

Liebrock²,

Neil³

2015

Computers & Security

View full text Add to dashboard Cite

User authentication over the network builds a foundation of trust within largescale computer networks. The collection of this network authentication activity provides valuable insight into user behavior within an enterprise network. Representing this authentication data as a set of user-specific graphs and graph features, including time-constrained attributes, enables novel and comprehensive analysis opportunities. We show graph-based approaches to user classification and intrusion detection with practical results. We also show a method for assessing network authentication trust risk and cyber attack mitigation within an enterprise network using bipartite authentication graphs. We demonstrate the value of these graph-based approaches on a real-world authentication data set collected from an enterprise network.

show abstract

Section: Related Worksupporting

confidence: 66%

Authentication graphs: Analyzing user behavior within an enterprise network

Kent¹,

Liebrock²,

Neil³

2015

Computers & Security

View full text Add to dashboard Cite

show abstract

“…Thus, by suitably expressing reachability across multiple layers, we can measure robustness as a function of reachability. Using a single-network approach we used reachability as a metric to express vulnerability of a cyber system [18], and plan to extend this approach to multi-layer networks in our future work.…”

Section: B Reachbility Analysismentioning

confidence: 99%

Towards a network-of-networks framework for cyber security

Halappanavar

Choudhury

Hogan

et al. 2013

2013 IEEE International Conference on Intelligence and Security Informatics

Self Cite

View full text Add to dashboard Cite

Networks-of-networks (NoN) is a graph-theoretic model of interdependent networks that have distinct dynamics at each network (layer). By adding special edges to represent relationships between nodes in different layers, NoN provides a unified mechanism to study interdependent systems intertwined in a complex relationship. While NoN based models have been proposed for cyber-physical systems, in this position paper we build towards a three-layered NoN model for an enterprise cyber system. Each layer captures a different facet of a cyber system. We present in-depth discussion for four major graphtheoretic applications to demonstrate how the three-layered NoN model can be leveraged for continuous system monitoring and mission assurance.

show abstract

“…The general technique of graph coarsening has been heavily used in the past for practical and theoretical algorithms [14,19,27,34,48]. A typical approach is to find a matching E ⊂ E(G) for a graph G and contract the edges in E to find a minor F of G. The problem at hand is then solved on F and the solution is translated to an approximate solution for G [34].…”

Section: Introductionmentioning

confidence: 99%

Space-Efficient Graph Coarsening with Applications to Succinct Planar Encodings

Kammer¹,

Meintrup²

2022

Preprint

View full text Add to dashboard Cite

We present a novel space-efficient graph coarsening technique for n-vertex separable graphs G, in particular for planar graphs, called cloud partition, which partitions the vertices V (G) into disjoint sets C of size O(log n) such that each C induces a connected subgraph of G. Using this partition P we construct a so-called structure-maintaining minor F of G via specific contractions within the disjoint sets such that F has O(n/ log n) vertices. The combination of (F, P) is referred to as a cloud decomposition.We call a graph G = (V, E) separable if it admits to an O(n c )-separator theorem for some constant c < 1 meaning there exists a separator S ⊂ V that partitions V into {A, S, B} such that no vertices of A and B are adjacent in G and neither A nor B contain more than c n vertices for a fixed constant c < 1. Due to the last property such separators are called balanced. This famously includes planar graphs, which admit an O( √ n)-separator theorem. For planar graphs we show that a cloud decomposition can be constructed in O(n) time and using O(n) bits. Given a cloud decomposition (F, P) constructed for a planar graph G we are able to find a balanced separator of G in O(n/ log n) time. Contrary to related publications, we do not make use of an embedding of the input graph. This allows us to construct the succinct encoding scheme for planar graphs due to Blelloch and Farzan (CPM 2010) in O(n) time and O(n) bits improving both runtime and space by a factor of Θ(log n). As an additional application of our cloud decomposition we show that a tree decomposition for planar graphs of width O(n 1/2+ ) for any > 0 can be constructed in O(n) bits and a time linear in the size of the tree decomposition. A similar result by Izumi and Otachi (ICALP 2020) constructs a tree decomposition of width O(k √ n log n) for graphs of treewidth k ≤ √ n in sublinear space and polynomial time. Finally, we generalize our cloud decomposition from planar graphs to arbitrary separable graphs.

show abstract

Graph coarsening for path finding in cybersecurity graphs

Cited by 8 publications

References 8 publications

Authentication graphs: Analyzing user behavior within an enterprise network

Authentication graphs: Analyzing user behavior within an enterprise network

Towards a network-of-networks framework for cyber security

Space-Efficient Graph Coarsening with Applications to Succinct Planar Encodings

Contact Info

Product

Resources

About