Node Classification of Network Threats Leveraging Graph-Based Characterizations Using Memgraph-Reference-Cited by-同舟云学术

Node Classification of Network Threats Leveraging Graph-Based Characterizations Using Memgraph

Published:2024-07-15 Issue:7 Volume:13 Page:171
ISSN:2073-431X
Container-title:Computers
language:en
Short-container-title:Computers

Author:

Charkhabi Sadaf¹,Samimi Peyman¹,Bagui Sikha S.¹^ORCID,Mink Dustin²^ORCID,Bagui Subhash C.³^ORCID

Affiliation:

1. Department of Computer Science, University of West Florida, Pensacola, FL 32514, USA

2. Department of Cybersecurity, University of West Florida, Pensacola, FL 32514, USA

3. Department of Mathematics and Statistics, University of West Florida, Pensacola, FL 32514, USA

Abstract

This research leverages Memgraph, an open-source graph database, to analyze graph-based network data and apply Graph Neural Networks (GNNs) for a detailed classification of cyberattack tactics categorized by the MITRE ATT&CK framework. As part of graph characterization, the page rank, degree centrality, betweenness centrality, and Katz centrality are presented. Node classification is utilized to categorize network entities based on their role in the traffic. Graph-theoretic features such as in-degree, out-degree, PageRank, and Katz centrality were used in node classification to ensure that the model captures the structure of the graph. The study utilizes the UWF-ZeekDataFall22 dataset, a newly created dataset which consists of labeled network logs from the University of West Florida’s Cyber Range. The uniqueness of this study is that it uses the power of combining graph-based characterization or analysis with machine learning to enhance the understanding and visualization of cyber threats, thereby improving the network security measures.

Funder

National Centers of Academic Excellence in Cybersecurity, NCAE-C-002: Cyber Research Innovation Grant Program

Askew Institute at University of West Florida

Publisher

MDPI AG

Link

https://www.mdpi.com/2073-431X/13/7/171/pdf

Reference21 articles.

1. (2024, April 17). Datasets.uwf.edu. Available online: https://datasets.uwf.edu/.

2. Memgraph (2024, January 06). Getting Started with Memgraph. Available online: https://memgraph.com/docs/getting-started.

3. (2024, January 06). Welcome to Neo4j. Available online: https://neo4j.com/docs/getting-started/.

4. (2024, January 06). Neo4j vs. Memgraph—How to Choose a Graph Database?. Available online: https://memgraph.com/blog/neo4j-vs-memgraph.

5. Mission-centric decision support in cybersecurity via Bayesian Privilege Attack Graph;Eng. Rep.,2022