A Review of Topological Data Analysis for Cybersecurity

• URL: http://arxiv.org/abs/2202.08037v1
• Date: Wed, 16 Feb 2022 13:03:52 GMT
• Title: A Review of Topological Data Analysis for Cybersecurity
• Authors: Thomas Davies
• Abstract summary: Topological Data Analysis (TDA) studies the high level structure of data using techniques from algebraic topology. We hope to highlight to researchers a promising new area with strong potential to improve cybersecurity data science.
• Score: 1.0878040851638
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: In cybersecurity it is often the case that malicious or anomalous activity can only be detected by combining many weak indicators of compromise, any one of which may not raise suspicion when taken alone. The path that such indicators take can also be critical. This makes the problem of analysing cybersecurity data particularly well suited to Topological Data Analysis (TDA), a field that studies the high level structure of data using techniques from algebraic topology, both for exploratory analysis and as part of a machine learning workflow. By introducing TDA and reviewing the work done on its application to cybersecurity, we hope to highlight to researchers a promising new area with strong potential to improve cybersecurity data science.

Related papers

• Model Inversion Attacks: A Survey of Approaches and Countermeasures [59.986922963781]
  Recently, a new type of privacy attack, the model inversion attacks (MIAs), aims to extract sensitive features of private data for training. Despite the significance, there is a lack of systematic studies that provide a comprehensive overview and deeper insights into MIAs. This survey aims to summarize up-to-date MIA methods in both attacks and defenses.
  arXiv  Detail & Related papers  (2024-11-15T08:09:28Z)
• Adversarial Challenges in Network Intrusion Detection Systems: Research Insights and Future Prospects [0.33554367023486936]
  This paper provides a comprehensive review of machine learning-based Network Intrusion Detection Systems (NIDS) We critically examine existing research in NIDS, highlighting key trends, strengths, and limitations. We discuss emerging challenges in the field and offer insights for the development of more robust and resilient NIDS.
  arXiv  Detail & Related papers  (2024-09-27T13:27:29Z)
• Enhancing Cyber Security through Predictive Analytics: Real-Time Threat Detection and Response [0.0]
  The study uses a dataset from Kaggle with 2000 instances of network traffic and security events. The findings show that predictive analytics enhance the vigilance of threats and response time. This paper advocates for predictive analytics as an essential component for developing preventative cyber security strategies.
  arXiv  Detail & Related papers  (2024-07-15T16:11:34Z)
• It Is Time To Steer: A Scalable Framework for Analysis-driven Attack Graph Generation [50.06412862964449]
  Attack Graph (AG) represents the best-suited solution to support cyber risk assessment for multi-step attacks on computer networks. Current solutions propose to address the generation problem from the algorithmic perspective and postulate the analysis only after the generation is complete. This paper rethinks the classic AG analysis through a novel workflow in which the analyst can query the system anytime.
  arXiv  Detail & Related papers  (2023-12-27T10:44:58Z)
• Progressing from Anomaly Detection to Automated Log Labeling and Pioneering Root Cause Analysis [53.24804865821692]
  This study introduces a taxonomy for log anomalies and explores automated data labeling to mitigate labeling challenges. The study envisions a future where root cause analysis follows anomaly detection, unraveling the underlying triggers of anomalies.
  arXiv  Detail & Related papers  (2023-12-22T15:04:20Z)
• Stepping out of Flatland: Discovering Behavior Patterns as Topological Structures in Cyber Hypergraphs [0.7835894511242797]
  We present a novel framework based in the theory of hypergraphs and topology to understand data from cyber networks. We will demonstrate concrete examples in a large-scale cyber network dataset.
  arXiv  Detail & Related papers  (2023-11-08T00:00:33Z)
• Few-shot Weakly-supervised Cybersecurity Anomaly Detection [1.179179628317559]
  We propose an enhancement to an existing few-shot weakly-supervised deep learning anomaly detection framework. This framework incorporates data augmentation, representation learning and ordinal regression. We then evaluated and showed the performance of our implemented framework on three benchmark datasets.
  arXiv  Detail & Related papers  (2023-04-15T04:37:54Z)
• Graph Mining for Cybersecurity: A Survey [61.505995908021525]
  The explosive growth of cyber attacks nowadays, such as malware, spam, and intrusions, caused severe consequences on society. Traditional Machine Learning (ML) based methods are extensively used in detecting cyber threats, but they hardly model the correlations between real-world cyber entities. With the proliferation of graph mining techniques, many researchers investigated these techniques for capturing correlations between cyber entities and achieving high performance.
  arXiv  Detail & Related papers  (2023-04-02T08:43:03Z)
• PicoDomain: A Compact High-Fidelity Cybersecurity Dataset [0.9281671380673305]
  Current cybersecurity datasets either offer no ground truth or do so with anonymized data. Most existing datasets are large enough to make them unwieldy during prototype development. In this paper we have developed the PicoDomain dataset, a compact high-fidelity collection of Zeek logs from a realistic intrusion.
  arXiv  Detail & Related papers  (2020-08-20T20:18:04Z)
• Graph Backdoor [53.70971502299977]
  We present GTA, the first backdoor attack on graph neural networks (GNNs) GTA departs in significant ways: it defines triggers as specific subgraphs, including both topological structures and descriptive features. It can be instantiated for both transductive (e.g., node classification) and inductive (e.g., graph classification) tasks.
  arXiv  Detail & Related papers  (2020-06-21T19:45:30Z)
• Survey of Network Intrusion Detection Methods from the Perspective of the Knowledge Discovery in Databases Process [63.75363908696257]
  We review the methods that have been applied to network data with the purpose of developing an intrusion detector. We discuss the techniques used for the capture, preparation and transformation of the data, as well as, the data mining and evaluation methods. As a result of this literature review, we investigate some open issues which will need to be considered for further research in the area of network security.
  arXiv  Detail & Related papers  (2020-01-27T11:21:05Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.