Distributed Temporal Graph Learning with Provenance for APT Detection in Supply Chains
- URL: http://arxiv.org/abs/2504.02313v1
- Date: Thu, 03 Apr 2025 06:42:26 GMT
- Title: Distributed Temporal Graph Learning with Provenance for APT Detection in Supply Chains
- Authors: Zhuoran Tan, Christos Anagnostopoulos, Jeremy Singer
- Abstract summary: Advanced persistent threats (APTs) frequently leverage supply chain vulnerabilities (SCVs) as entry points. Current defense strategies primarily focus on blockchain for integrity assurance or detection using plain-text source code analysis in open-source software (OSS). We propose a novel approach that integrates multi-source data, constructs a comprehensive dynamic graph provenance, and detects APT behavior in real time using temporal graph learning.
- Score: 4.3627234063853955
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Cyber supply chain, encompassing digital assets, software, hardware, has become an essential component of modern Information and Communications Technology (ICT) provisioning. However, the growing inter-dependencies have introduced numerous attack vectors, making supply chains a prime target for exploitation. In particular, advanced persistent threats (APTs) frequently leverage supply chain vulnerabilities (SCVs) as entry points, benefiting from their inherent stealth. Current defense strategies primarily focus on prevention through blockchain for integrity assurance or detection using plain-text source code analysis in open-source software (OSS). However, these approaches overlook scenarios where source code is unavailable and fail to address detection and defense during runtime. To bridge this gap, we propose a novel approach that integrates multi-source data, constructs a comprehensive dynamic provenance graph, and detects APT behavior in real time using temporal graph learning. Given the lack of tailored datasets in both industry and academia, we also aim to simulate a custom dataset by replaying real-world supply chain exploits with multi-source monitoring.
Related papers
- An Analytics-Driven Approach to Enhancing Supply Chain Visibility with Graph Neural Networks and Federated Learning [52.79646338275159]
We propose a novel approach that integrates Federated Learning (FL) and Graph Convolutional Neural Networks (GCNs) to enhance supply chain visibility. FL enables collaborative model training across countries by facilitating information sharing without requiring raw data exchange. GCNs empower the framework to capture intricate relational patterns within knowledge graphs, enabling accurate link prediction to uncover hidden connections.
(2025-03-10T12:15:45Z)
- CONTINUUM: Detecting APT Attacks through Spatial-Temporal Graph Neural Networks [0.9553673944187253]
Advanced Persistent Threats (APTs) represent a significant challenge in cybersecurity. Traditional Intrusion Detection Systems (IDS) often fall short in detecting these multi-stage attacks.
(2025-01-06T12:43:59Z)
- Enhancing Supply Chain Visibility with Generative AI: An Exploratory Case Study on Relationship Prediction in Knowledge Graphs [52.79646338275159]
Relationship prediction aims to increase the visibility of supply chains using data-driven techniques. Existing methods have been successful for predicting relationships but struggle to extract the context in which these relationships are embedded. Lack of context prevents practitioners from distinguishing transactional relations from established supply chain relations.
(2024-12-04T15:19:01Z)
- OSPtrack: A Labeled Dataset Targeting Simulated Execution of Open-Source Software [0.0]
This dataset includes 9,461 package reports, of which 1,962 are identified as malicious. The dataset includes both static and dynamic features such as files, sockets, commands, and DNS records. This dataset supports runtime detection, enhances detection model training, and enables efficient comparative analysis across ecosystems.
(2024-11-22T10:07:42Z)
- Enhancing Supply Chain Visibility with Knowledge Graphs and Large Language Models [49.898152180805454]
This paper presents a novel framework leveraging Knowledge Graphs (KGs) and Large Language Models (LLMs) to enhance supply chain visibility.
Our zero-shot, LLM-driven approach automates the extraction of supply chain information from diverse public sources.
With high accuracy in NER and RE tasks, it provides an effective tool for understanding complex, multi-tiered supply networks.
(2024-08-05T17:11:29Z)
- Unsupervised Abnormal Traffic Detection through Topological Flow Analysis [1.933681537640272]
topological connectivity component of a malicious flow is less exploited.
We present a simple method that facilitates the use of connectivity graph features in unsupervised anomaly detection algorithms.
(2022-05-14T18:52:49Z)
- Software Vulnerability Detection via Deep Learning over Disaggregated Code Graph Representation [57.92972327649165]
This work explores a deep learning approach to automatically learn the insecure patterns from code corpora.
Because code naturally admits graph structures with parsing, we develop a novel graph neural network (GNN) to exploit both the semantic context and structural regularity of a program.
(2021-09-07T21:24:36Z)
- Will bots take over the supply chain? Revisiting Agent-based supply chain automation [71.77396882936951]
Agent-based supply chains have been proposed since early 2000; industrial uptake has been lagging.
We find that agent-based technology has matured, and other supporting technologies that are penetrating supply chains are filling in gaps.
For example, the ubiquity of IoT technology helps agents "sense" the state of affairs in a supply chain and opens up new possibilities for automation.
(2021-09-03T18:44:26Z)
- Data Considerations in Graph Representation Learning for Supply Chain Networks [64.72135325074963]
We present a graph representation learning approach to uncover hidden dependency links.
We demonstrate that our representation facilitates state-of-the-art performance on link prediction of a global automotive supply chain network.
(2021-07-22T12:28:15Z)
This list is automatically generated from the titles and abstracts of the papers in this site.