Multi-type relational clustering for enterprise cyber-security networks
Authors
Abstract
Several cyber-security data sources are collected in enterprise networks, providing relational information between different types of nodes in the network, namely computers, users and ports. This can be expressed as adjacency matrices detailing inter-type relationships, corresponding to relations between nodes of different types, and intra-type relationships, showing relations between nodes of the same type. In this paper, we propose an extension of Non-Negative Matrix Tri-Factorisation (NMTF) to simultaneously cluster nodes based on their inter-type and intra-type relationships. Existing NMTF-based clustering methods suffer from long computational times due to large matrix multiplications. In our approach, we enforce stricter cluster indicator constraints on the factor matrices to circumvent these issues. Additionally, to make the proposed approach less susceptible to variation in clustering results due to random initialisation, we propose a novel initialisation procedure based on Non-Negative Double Singular Value Decomposition for multi-type relational clustering. Finally, a new performance measure suitable for assessing clustering performance on unlabelled multi-type relational data sets is presented. Our algorithm is assessed on both a simulated and a real computer network against standard approaches, showing its strong performance.
Similar resources
Intelligent Cyber Security Analysis in Enterprise Networks
In this paper, we position the correct way of using graphical models for enhancing cyber security analysis in enterprise networks. Graphical models can be powerful in representation, analysis and visualization. We describe the need of introducing “intelligence” in security analysis, followed by a critical review of state-of-the-art attack graph approaches. Such review leads to the lessons learn...
Orthogonal Nonnegative Matrix Factorization for Multi-type Relational Clustering
Relational clustering with heterogeneous data objects has impact in various important applications, such as web mining, text mining and bioinformatics etc. In this paper, we build a star-structured general model for relational clustering. It is formulated as an orthogonal tri-nonnegative matrix factorization. The model performs matrix approximation among all different data types to look for hid...
Cyber-Physical Security for Wireless Sensor Networks
Cyber-Physical Security is an important topic that needs to be properly addressed. Of particular concern is the field of wireless sensor networks, which possess special characteristics that make them especially vulnerable to attacks and natural disasters. This position paper focuses on the critical issues and calls for directed research for finding solutions to these issues.
Cyber Security of Industrial Networks
SCADA stands for Supervisory Control and Data Acquisition, a communication technology which collects data from distant facilities and sends control signals to actuators. There are several factors which increase the risk associated with SCADA systems. SCADA components are considered to be profoundly privileged targets for cyber attacks through which hackers can easily hit the nation’s critical i...
Security Risks and Modern Cyber Security Technologies for Corporate Networks
market of corporate antivirus solutions. Brief overview of modern security threats that can destroy IT environment is provided as well as a typical structure and features of antivirus suites for corporate users presented on the market. The general requirements for corporate products are determined according to the last report from av-comparatives.org [1]. The detailed analysis of new features is...
Journal
Journal title: Pattern Recognition Letters
Year: 2021
ISSN: 1872-7344, 0167-8655
DOI: https://doi.org/10.1016/j.patrec.2021.05.021