Data Interaction Security Monitoring Technology Based on Behavior Graph Representation
Authors: 
Yiliang Wang, Jiasai Sun, Fan Yang, Xin LuAuthors Info & Claims
Yiliang Wang, Jiasai Sun, Fan Yang, Xin LuAuthors Info & ClaimsPages 30 - 34
Abstract
During the operation of new power system, attackers may access multiple services at the same time through multiple accounts. In this case, monitoring an account alone will not identify the exception. In addition, malicious accounts sometimes perform abnormal operations, and operate normally most of the time to hide their abnormal behavior, increasing detection difficulty. Therefore, this paper proposes a data interaction security monitoring technology based on behavior graph representation. To be specific, we construct network traffic as a dynamic graph by data security monitoring technique based on DPDK and DPI as well as distributed log parsing and service access feature extraction technique. Then, we map the dynamic graph to a vector representation by extracting and coding regional subgraphs, and realize the anomaly detection of regional data by identifying the variable degree of the graph at different time in the high-latitude space.
References
[1]
Bryan Hooi, Kijung Shin, Hyun Ah Song, Alex Beutel, Neil Shah and Christos Faloutsos. 2017. Graph-Based Fraud Detection in the Face of Camouflage. ACM Trans. Knowl. Discov. Data 11, 4, Article 44 (November 2017), 26 pages. https://doi.org/10.1145/3056563
[2]
Meng Jiang, Peng Cui, Alex Beutel, Christos Faloutsos and Shiqiang Yang. 2016. Catching Synchronized Behaviors in Large Networks: A Graph Mining Approach. ACM Trans. Knowl. Discov. Data 10, 4, Article 35 (July 2016), 27 pages. https://doi.org/10.1145/2746403
[3]
Rakshit Trivedi, Mehrdad Farajtabar, Prasenjeet Biswal and Hongyuan Zha. 2019. DyRep: Learning Representations over Dynamic Graphs. International Conference on Learning Representations. https://api.semanticscholar.org/CorpusID:108296188
[4]
Petar Velikovi, Guillem Cucurull, Arantxa Casanova, Adriana Romero, Pietro Liò and Yoshua Bengio. 2017. Graph Attention Networks.
[5]
Srijan Kumar, Xikun Zhang and Jure Leskovec. 2019. Predicting Dynamic Embedding Trajectory in Temporal Interaction Networks. In Proceedings of the 25th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining (KDD '19). Association for Computing Machinery, New York, NY, USA, 1269–1278. https://doi.org/10.1145/3292500.3330895
[6]
Da Xu, Chuanwei Ruan, Evren Korpeoglu, Sushant Kumar and Kannan Achan. 2020 Inductive representation learning on temporal graphs.
[7]
Nong Ye and Qiang Chen. An anomaly detection technique based on a chi‐square statistic for detecting intrusions into information systems. Quality and reliability engineering international, 2001, 17(2): 105-112.
[8]
Christopher Krügel, Thomas Toth, and Engin Kirda. 2002. Service specific anomaly detection for network intrusion detection. In Proceedings of the 2002 ACM symposium on Applied computing (SAC '02). Association for Computing Machinery, New York, NY, USA, 201–208. https://doi.org/10.1145/508791.508835
[9]
Ingo Steinwart, Don Hush, and Clint Scovel. 2005. A Classification Framework for Anomaly Detection. J. Mach. Learn. Res. 6 (12/1/2005), 211–232.
[10]
Bergman Liron and Hoshen Yedid. Classification-based anomaly detection for general data. arXiv preprint arXiv:2005.02359, 2020. https://doi.org/10.48550/arXiv.2005.02359
[11]
F. Gonzalez, D. Dasgupta and R. Kozma, "Combining negative selection and classification techniques for anomaly detection," Proceedings of the 2002 Congress on Evolutionary Computation. CEC'02 (Cat. No.02TH8600), Honolulu, HI, USA, 2002, pp. 705-710 vol.1.
Index Terms
- Data Interaction Security Monitoring Technology Based on Behavior Graph Representation
Recommendations
Complexity of edge monitoring on some graph classes
AbstractIn this paper, we study the complexity of the edge monitoring problem. A vertex v monitors an edge e if both endpoints together with v form a triangle in the graph. Given a graph G = ( V , E ) and a weight function on edges c where c ( ...
Representation characterizations of chordal bipartite graphs
A bipartite graph is chordal bipartite if it does not contain an induced cycle of length at least six. We give three representation characterizations of chordal bipartite graphs. More precisely, we show that a bipartite graph is chordal bipartite if and ...
Quantum state representation based on combinatorial Laplacian matrix of star-relevant graph
In this paper the density matrices derived from combinatorial Laplacian matrix of graphs is considered. More specifically, the paper places emphasis on the star-relevant graph, which means adding certain edges on peripheral vertices of star graph. ...
Comments
Information & Contributors
Information
Published In
January 2024
669 pages
ISBN:9798400716959
DOI:10.1145/3673277
Copyright © 2024 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 30 July 2024
Check for updates
Qualifiers
- Research-article
- Research
- Refereed limited
Conference
CNSCT 2024
CNSCT 2024: 2024 3rd International Conference on Cryptography, Network Security and Communication Technology
January 19 - 21, 2024
Harbin, China
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 10Total Downloads
- Downloads (Last 12 months)10
- Downloads (Last 6 weeks)0
Reflects downloads up to 09 Nov 2024
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign inFull Access
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML Format