Majed Jaber

Graph-based spectral analysis for detecting cyber attacks

By Majed Jaber, Nicolas Boutry, Pierre Parrend

2024-05-01

In ARES 2024 (the international conference on availability, reliability and security)

Abstract

Spectral graph theory delves into graph properties through their spectral signatures. The eigenvalues of a graph’s Laplacian matrix are crucial for grasping its connectivity and overall structural topology. This research capitalizes on the inherent link between graph topology and spectral characteristics to enhance spectral graph analysis applications. In particular, such connectivity information is key to detecting low signals that betray the occurrence of cyberattacks. This paper introduces SpectraTW, a novel spectral graph analysis methodology tailored for monitoring anomalies in network traffic. SpectraTW relies on four spectral indicators, Connectedness, Flooding, Wiriness, and Asymmetry, derived from network attributes and topological variations, that are defined and evaluated. This method interprets networks as evolving graphs, leveraging the Laplacian matrix’s spectral insights to detect shifts in network structure over time. The significance of spectral analysis becomes especially pronounced in medical IoT domains, where the complex web of devices and the critical nature of healthcare data amplify the need for advanced security measures. Spectral analysis’s ability to swiftly pinpoint irregularities and shifts in network traffic aligns well with the medical IoT’s requirements for prompt attack detection.


Structural and spectral analysis of dynamic graphs for attack detection

By Majed Jaber, Nicolas Boutry, Pierre Parrend

2023-07-01

In Rencontre des jeunes chercheurs en intelligence artificielle (RJCIA-2023)

Abstract

At this time, cyberattacks represent a constant threat. Many approaches exist for detecting suspicious behaviors, but very few of them seem to benefit from the huge potential of mathematical approaches like spectral graph analysis, known to be able to extract topological features of a graph using its Laplacian spectrum. For this reason, we consider our network as a dynamic graph composed of nodes (representing the devices) and of edges (representing the requests), and we compute its Laplacian spectrum across time. Since an important change of topology induces an important change in the spectrum, this spectrum seems to be the key to detecting threats. Dynamic spectrum-based metrics have been developed for this aim.


Towards attack detection in traffic data based on spectral graph analysis

Abstract

Nowadays, cyberattacks have become a significant concern for individuals, organizations, and governments. These attacks can take many forms, and the consequences can be severe. In order to protect ourselves from these threats, it is essential to employ a range of different strategies and techniques like detection of patterns, classification of system behaviors against previously known attacks, and anomaly detection techniques. This way, we can identify unknown forms of attacks. Few of these existing techniques seem to fully utilize the potential of mathematical approaches such as spectral graph analysis. This domain is made of tools able to extract important topological features of a graph by computing its Laplacian matrix and its corresponding spectrum. This framework can provide valuable insights into the underlying structure of a network, which can be used to detect cyberthreats. Indeed, significant changes in the topology of the graph result in significant changes in the spectrum of the Laplacian matrix. For this reason, we propose here to address this issue by considering the network as a dynamic graph composed of nodes (devices) and edges (requests between devices), to study the evolution of the Laplacian spectrum, and to compute metrics on this evolving spectrum. This way, we should be able to detect suspicious behaviors which may indicate that an attack is occurring.
