
Integrating anomaly detection with graph summarization enhances cyber security threat analysis, enabling efficient, real-time threat mitigation.
Authors
Pranjal Sharma, Senior Member of Technical Staff, Oracle Corporation Inc., Austin, United States
Akshay Homkar, Assistant Professor, Computer Engineering Department, Rajarambapu Institute of Technology, Islāmpur, India
Sarvagya Jha, Research Associate, Jindal Global Law School, O.P. Jindal Global University, Sonipat, Haryana, India
Krishna Kant Dixit, Department of Electrical Engineering, GLA University, Mathura, India
J. Somasekar, Computer Science and Engineering JAIN (Deemed-to-be University), Faculty of Engineering and Technology, Karnataka, Bengaluru, India
Saef Wbaid, Department of Computers Techniques Engineering, College of Technical Engineering, The Islamic University, Najaf, Iraq
Summary
Cyber security threat analysis has become increasingly complex with the rapid growth of digital networks and the sophistication of cyber-attacks, and traditional security measures struggle to detect and mitigate advanced threats efficiently. This study explores the combined use of anomaly detection and graph summarization for efficient cyber security threat analysis. Anomaly detection identifies unusual patterns in network traffic, enabling early detection of potential threats. Graph summarization reduces the size of the network graph while preserving the structural information that threat analysis depends on, so that analysis runs faster and more accurately. By combining the two, the proposed model improves the scalability and efficiency of cyber security systems.
The study investigates various anomaly detection algorithms, including graph-based and machine learning techniques, and evaluates their effectiveness in detecting advanced persistent threats (APTs) and zero-day attacks. Graph summarization methods such as clustering and graph coarsening are examined for their impact on processing speed and detection accuracy. Experimental results show significantly improved threat detection rates together with reduced computational overhead. This research contributes to intelligent cyber security systems capable of real-time threat analysis and proactive defense in an ever-evolving cyber landscape.
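The summary names graph coarsening as the summarization method and anomaly detection on network traffic as the analysis step, but this page does not give the chapter's algorithms or data. The following is an added example written for this page, not code from the chapter or its authors: it coarsens a host-level flow graph into a subnet-level summary graph (using the /24 subnet as the cluster, an assumption), flags summary edges that have no counterpart in a baseline window or exceed ten times their baseline volume (a simple baseline-ratio rule chosen for illustration, not the chapter's detector), and then expands a flagged summary edge back to the host flows behind it. The flow records are constructed sample data, not real traffic.

```python
"""Added example (not from the chapter): graph coarsening of a traffic graph
plus baseline-ratio anomaly detection on the summary edges, then drill-down."""
from collections import defaultdict
import ipaddress


# Constructed NetFlow-style records (src, dst, bytes). Not real traffic.
def _normal_window(seed_bytes):
    flows = []
    for i in range(10, 23):                                   # 13 workstations in 10.0.1.0/24
        host = f"10.0.1.{i}"
        flows.append((host, "10.0.2.20", 2_000 + seed_bytes * i))    # intranet web server
        flows.append((host, "10.0.2.53", 300 + i))                   # internal DNS
        flows.append((host, "198.51.100.7", 5_000 + seed_bytes * i)) # routine SaaS/CDN traffic
    return flows


BASELINE_FLOWS = _normal_window(seed_bytes=40)                # yesterday: normal only
CURRENT_FLOWS = _normal_window(seed_bytes=45) + [             # today: normal plus one outlier
    ("10.0.1.10", "203.0.113.5", 50_000_000),                 # 50 MB to a never-seen external host
]


def host_graph(flows):
    """Directed host graph: edge weight = bytes sent from src to dst in the window."""
    edges = defaultdict(int)
    for src, dst, nbytes in flows:
        edges[(src, dst)] += nbytes
    return dict(edges)


def subnet_of(ip, prefix):
    """Cluster key for a host: its /prefix network (assumed clustering rule)."""
    return str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))


def coarsen(edges, prefix=24):
    """Graph coarsening: merge every host into its /prefix supernode and sum the
    weights of merged edges. `members` records the host edges behind each summary
    edge so the summary can be expanded again during investigation."""
    coarse = defaultdict(int)
    members = defaultdict(list)
    for (src, dst), w in edges.items():
        key = (subnet_of(src, prefix), subnet_of(dst, prefix))
        coarse[key] += w
        members[key].append((src, dst, w))
    return dict(coarse), dict(members)


def node_count(edges):
    return len({node for edge in edges for node in edge})


def anomalous_summary_edges(current, baseline, ratio=10.0, min_bytes=1_000_000):
    """Flag summary edges absent from the baseline window or carrying more than
    `ratio` times their baseline volume. `min_bytes` suppresses trivially small
    new edges (for example a single lookup against a new resolver)."""
    flagged = {}
    for key, w in current.items():
        base = baseline.get(key, 0)
        if w >= min_bytes and (base == 0 or w > ratio * base):
            flagged[key] = (w, base)
    return flagged


def drill_down(flagged, members, top=3):
    """Expand each flagged summary edge into its heaviest host-level flows."""
    return {key: sorted(members[key], key=lambda e: e[2], reverse=True)[:top]
            for key in flagged}


def analyze(current_flows, baseline_flows, prefix=24):
    cur = host_graph(current_flows)
    base = host_graph(baseline_flows)
    cur_summary, cur_members = coarsen(cur, prefix)
    base_summary, _ = coarsen(base, prefix)
    flagged = anomalous_summary_edges(cur_summary, base_summary)
    return {
        "host_nodes": node_count(cur), "host_edges": len(cur),
        "summary_nodes": node_count(cur_summary), "summary_edges": len(cur_summary),
        "flagged": flagged,
        "suspects": drill_down(flagged, cur_members),
    }


if __name__ == "__main__":
    result = analyze(CURRENT_FLOWS, BASELINE_FLOWS)
    print(f"host graph: {result['host_nodes']} nodes, {result['host_edges']} edges")
    print(f"summary graph: {result['summary_nodes']} nodes, {result['summary_edges']} edges")
    for key, (w, base) in result["flagged"].items():
        print(f"flagged {key[0]} -> {key[1]}: {w} bytes (baseline {base})")
        print("  responsible flows:", result["suspects"][key])
```

On the constructed data the 40-edge host graph collapses to a 3-edge summary graph; the only summary edge flagged is 10.0.1.0/24 to 203.0.113.0/24, which had no baseline counterpart, and the drill-down returns the single 50 MB flow from 10.0.1.10. The routine SaaS edge grows slightly between windows but stays within the ratio, so the detector does not fire on ordinary day-to-day variance. The ratio, the byte floor and the /24 grouping are all tuning assumptions; in a real deployment they would be set from the observed distribution of the baseline edges rather than fixed constants.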
Published in: Synthesis Lectures on Computer Science