Hypergraph Topological Features for Autoencoder-Based Intrusion Detection for Cybersecurity Data
- URL: http://arxiv.org/abs/2312.00023v1
- Date: Thu, 9 Nov 2023 20:05:10 GMT
- Title: Hypergraph Topological Features for Autoencoder-Based Intrusion Detection for Cybersecurity Data
- Authors: Bill Kay, Sinan G. Aksoy, Molly Baird, Daniel M. Best, Helen Jenne, Cliff Joslyn, Christopher Potvin, Gregory Henselman-Petrusek, Garret Seppala, Stephen J. Young, Emilie Purvine,
- Abstract summary: We argue that when hypergraphs are used to capture multi-way local relations of data, their resulting topological features describe global behaviour.
We propose two such potential pipelines for cybersecurity data, one that uses an autoencoder directly to determine network intrusions, and one that de-noises input data for a persistent homology system, PHANTOM.
- Score: 0.8046432252929225
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: In this position paper, we argue that when hypergraphs are used to capture multi-way local relations of data, their resulting topological features describe global behaviour. Consequently, these features capture complex correlations that can then serve as high fidelity inputs to autoencoder-driven anomaly detection pipelines. We propose two such potential pipelines for cybersecurity data, one that uses an autoencoder directly to determine network intrusions, and one that de-noises input data for a persistent homology system, PHANTOM. We provide heuristic justification for the use of the methods described therein for an intrusion detection pipeline for cyber data. We conclude by showing a small example over synthetic cyber attack data.
Related papers
- A Robust and Explainable Data-Driven Anomaly Detection Approach For
Power Electronics [56.86150790999639]
We present two anomaly detection and classification approaches, namely the Matrix Profile algorithm and anomaly transformer.
The Matrix Profile algorithm is shown to be well suited as a generalizable approach for detecting real-time anomalies in streaming time-series data.
A series of custom filters is created and added to the detector to tune its sensitivity, recall, and detection accuracy.
arXiv Detail & Related papers (2022-09-23T06:09:35Z) - Hyperbolic Self-supervised Contrastive Learning Based Network Anomaly
Detection [0.0]
Anomaly detection on the attributed network has recently received increasing attention in many research fields.
We propose an efficient anomaly detection framework using hyperbolic self-supervised contrastive learning.
arXiv Detail & Related papers (2022-09-12T07:08:34Z) - Representation Learning for Content-Sensitive Anomaly Detection in
Industrial Networks [0.0]
This thesis proposes a framework to learn spatial-temporal aspects of raw network traffic in an unsupervised and protocol-agnostic manner.
The learned representations are used to measure the effect on the results of a subsequent anomaly detection.
arXiv Detail & Related papers (2022-04-20T09:22:41Z) - Self-Supervised and Interpretable Anomaly Detection using Network
Transformers [1.0705399532413615]
This paper introduces the Network Transformer (NeT) model for anomaly detection.
NeT incorporates the graph structure of the communication network in order to improve interpretability.
The presented approach was tested by evaluating the successful detection of anomalies in an Industrial Control System.
arXiv Detail & Related papers (2022-02-25T22:05:59Z) - Attentive Prototypes for Source-free Unsupervised Domain Adaptive 3D
Object Detection [85.11649974840758]
3D object detection networks tend to be biased towards the data they are trained on.
We propose a single-frame approach for source-free, unsupervised domain adaptation of lidar-based 3D object detectors.
arXiv Detail & Related papers (2021-11-30T18:42:42Z) - Finding Facial Forgery Artifacts with Parts-Based Detectors [73.08584805913813]
We design a series of forgery detection systems that each focus on one individual part of the face.
We use these detectors to perform detailed empirical analysis on the FaceForensics++, Celeb-DF, and Facebook Deepfake Detection Challenge datasets.
arXiv Detail & Related papers (2021-09-21T16:18:45Z) - MD-CSDNetwork: Multi-Domain Cross Stitched Network for Deepfake
Detection [80.83725644958633]
Current deepfake generation methods leave discriminative artifacts in the frequency spectrum of fake images and videos.
We present a novel approach, termed as MD-CSDNetwork, for combining the features in the spatial and frequency domains to mine a shared discriminative representation.
arXiv Detail & Related papers (2021-09-15T14:11:53Z) - DAE : Discriminatory Auto-Encoder for multivariate time-series anomaly
detection in air transportation [68.8204255655161]
We propose a novel anomaly detection model called Discriminatory Auto-Encoder (DAE)
It uses the baseline of a regular LSTM-based auto-encoder but with several decoders, each getting data of a specific flight phase.
Results show that the DAE achieves better results in both accuracy and speed of detection.
arXiv Detail & Related papers (2021-09-08T14:07:55Z) - SOME/IP Intrusion Detection using Deep Learning-based Sequential Models
in Automotive Ethernet Networks [2.3204135551124407]
Intrusion Detection Systems are widely used to detect cyberattacks.
We present a deep learning-based sequential model for offline intrusion detection on SOME/IP protocol.
arXiv Detail & Related papers (2021-08-04T09:58:06Z) - Graph Backdoor [53.70971502299977]
We present GTA, the first backdoor attack on graph neural networks (GNNs)
GTA departs in significant ways: it defines triggers as specific subgraphs, including both topological structures and descriptive features.
It can be instantiated for both transductive (e.g., node classification) and inductive (e.g., graph classification) tasks.
arXiv Detail & Related papers (2020-06-21T19:45:30Z) - Adversarial Examples Detection and Analysis with Layer-wise Autoencoders [11.048707408233724]
We present a mechanism for detecting adversarial examples based on data representations taken from the hidden layers of the target network.
This allows us to describe the manifold of true data and decide whether a given example has the same characteristics as true data.
It also gives us insight into the behavior of adversarial examples and their flow through the layers of a deep neural network.
arXiv Detail & Related papers (2020-06-17T17:17:54Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.