Identification of Device Dependencies Using Link Prediction
- URL: http://arxiv.org/abs/2407.03019v1
- Date: Wed, 3 Jul 2024 11:28:09 GMT
- Title: Identification of Device Dependencies Using Link Prediction
- Authors: Lukáš Sadlek, Martin Husák, Pavel Čeleda,
- Abstract summary: We address the identification of dependencies using a new approach based on graph-based machine learning.
The approach belongs to link prediction based on a latent representation of the computer network's communication graph.
It samples random walks over IP addresses that fulfill time conditions imposed on network dependencies.
- Score: 0.05461938536945722
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Devices in computer networks cannot work without essential network services provided by a limited count of devices. Identification of device dependencies determines whether a pair of IP addresses is a dependency, i.e., the host with the first IP address is dependent on the second one. These dependencies cannot be identified manually in large and dynamically changing networks. Nevertheless, they are important due to possible unexpected failures, performance issues, and cascading effects. We address the identification of dependencies using a new approach based on graph-based machine learning. The approach belongs to link prediction based on a latent representation of the computer network's communication graph. It samples random walks over IP addresses that fulfill time conditions imposed on network dependencies. The constrained random walks are used by a neural network to construct IP address embedding, which is a space that contains IP addresses that often appear close together in the same communication chain (i.e., random walk). Dependency embedding is constructed by combining values for IP addresses from their embedding and used for training the resulting dependency classifier. We evaluated the approach using IP flow datasets from a controlled environment and university campus network that contain evidence about dependencies. Evaluation concerning the correctness and relationship to other approaches shows that the approach achieves acceptable performance. It can simultaneously consider all types of dependencies and is applicable for batch processing in operational conditions.
Related papers
- Structural Generalization in Autonomous Cyber Incident Response with Message-Passing Neural Networks and Reinforcement Learning [0.0]
Retraining agents for small network changes costs time and energy.
We create variants of the original network with different numbers of hosts and agents are tested without additional training.
Agents using the default vector state representation perform better, but need to be specially trained on each network variant.
arXiv Detail & Related papers (2024-07-08T09:34:22Z) - Cyber Key Terrain Identification Using Adjusted PageRank Centrality [0.0]
We propose an approach for the classification of IP addresses belonging to cyber key terrain according to their network position using the PageRank centrality adjusted by machine learning.
We evaluate the approach on a dataset from a cyber defense exercise and on data from the campus network.
arXiv Detail & Related papers (2023-06-19T15:30:09Z) - Dynamic Graph Message Passing Networks for Visual Recognition [112.49513303433606]
Modelling long-range dependencies is critical for scene understanding tasks in computer vision.
A fully-connected graph is beneficial for such modelling, but its computational overhead is prohibitive.
We propose a dynamic graph message passing network, that significantly reduces the computational complexity.
arXiv Detail & Related papers (2022-09-20T14:41:37Z) - Task-Oriented Sensing, Computation, and Communication Integration for
Multi-Device Edge AI [108.08079323459822]
This paper studies a new multi-intelligent edge artificial-latency (AI) system, which jointly exploits the AI model split inference and integrated sensing and communication (ISAC)
We measure the inference accuracy by adopting an approximate but tractable metric, namely discriminant gain.
arXiv Detail & Related papers (2022-07-03T06:57:07Z) - Privatized Graph Federated Learning [57.14673504239551]
We introduce graph federated learning, which consists of multiple units connected by a graph.
We show how graph homomorphic perturbations can be used to ensure the algorithm is differentially private.
arXiv Detail & Related papers (2022-03-14T13:48:23Z) - Reconsidering Dependency Networks from an Information Geometry
Perspective [2.6778110563115542]
Dependency networks are potential probabilistic graphical models for systems comprising a large number of variables.
The structure of a dependency network is represented by a directed graph, and each node has a conditional probability table.
We show that the dependency network and the Bayesian network have roughly the same performance in terms of the accuracy of their learned distributions.
arXiv Detail & Related papers (2021-07-02T07:05:11Z) - Decoupled and Memory-Reinforced Networks: Towards Effective Feature
Learning for One-Step Person Search [65.51181219410763]
One-step methods have been developed to handle pedestrian detection and identification sub-tasks using a single network.
There are two major challenges in the current one-step approaches.
We propose a decoupled and memory-reinforced network (DMRNet) to overcome these problems.
arXiv Detail & Related papers (2021-02-22T06:19:45Z) - Mutually exciting point process graphs for modelling dynamic networks [0.0]
A new class of models for dynamic networks is proposed, called mutually exciting point process graphs (MEG)
MEG is a scalable network-wide statistical model for point processes with dyadic marks, which can be used for anomaly detection.
The model is tested on simulated graphs and real world computer network datasets, demonstrating excellent performance.
arXiv Detail & Related papers (2021-02-11T10:14:55Z) - Unsupervised Learning for Asynchronous Resource Allocation in Ad-hoc
Wireless Networks [122.42812336946756]
We design an unsupervised learning method based on Aggregation Graph Neural Networks (Agg-GNNs)
We capture the asynchrony by modeling the activation pattern as a characteristic of each node and train a policy-based resource allocation method.
arXiv Detail & Related papers (2020-11-05T03:38:36Z) - A Graph Neural Network Approach for Scalable and Dynamic IP Similarity
in Enterprise Networks [1.6516902135723865]
Measuring similarity between IP addresses is an important task in the daily operations of any enterprise network.
In this paper, we propose a novel approach for IP embedding using an adapted graph neural network (GNN) architecture.
arXiv Detail & Related papers (2020-10-09T19:43:30Z) - Dynamic Graph: Learning Instance-aware Connectivity for Neural Networks [78.65792427542672]
Dynamic Graph Network (DG-Net) is a complete directed acyclic graph, where the nodes represent convolutional blocks and the edges represent connection paths.
Instead of using the same path of the network, DG-Net aggregates features dynamically in each node, which allows the network to have more representation ability.
arXiv Detail & Related papers (2020-10-02T16:50:26Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.