Skip to main content
SpringerLink
Log in

A Graph Theoretical Methodology for Network Intrusion Fingerprinting and Attack Attribution

  • Conference paper
  • First Online:
Intelligent Computing (SAI 2022)

Part of the book series: Lecture Notes in Networks and Systems ((LNNS,volume 508))

Included in the following conference series:

  • 660 Accesses

Abstract

Currently the field of network forensics lacks a methodology for attack fingerprinting. Such a methodology would enhance attack attribution. Currently, attack attribution is often quite subjective. The current research provides a mathematically rigorous procedure for creating fingerprints of network intrusions. These fingerprints can be compared to the fingerprints of known cyber-attacks, to provide a mathematically robust method for attack attribution.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 189.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 249.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Bondy, J.A., Murty, U.S.R.: Graph Theory with Applications, vol. 290. Macmillan, London (1976)

    Book  MATH  Google Scholar 

  2. Deo, N.: Graph Theory with Applications to Engineering and Computer Science. Courier Dover Publications (2017)

    Google Scholar 

  3. Easttom, C.: On the application of algebraic graph theory to modeling network intrusions. In: IEEE 10th Annual Computing and Communication Conference, pp. 0424–0430 (2020)

    Google Scholar 

  4. Easttom, C., Adda, M.: The creation of network intrusion fingerprints by graph (2020)

    Google Scholar 

  5. Easttom, C. Adda, M.: The creation of network intrusion fingerprints by graph homomorphism. WSEAS Trans. Inform. Sci. Appl. 17. https://doi.org/10.37394/23209.2020.17.15

  6. Goldreich, O.: Flexible models for testing graph properties. Comput. Comp./Prop. Test. 352–362 (2020)

    Google Scholar 

  7. Godsil, C., Royle, G.F.: Algebraic graph theory. Springer Science & Business Media, New York (2013)

    Google Scholar 

  8. Gross, J., Yellen, J., Zhang, P.: Handbook of Graph Theory. CRC Press, New York (2013)

    Google Scholar 

  9. Han, L., Liu, G., Yang, X., Han, B.: A computational synthesis approach of mechanical conceptual design based on graph theory and polynomial operation. Chin. J. Mech. Eng. 33(1), 2 (2020)

    Article  Google Scholar 

  10. Hartsfield, N., Ringel, G.: Pearls in Graph Theory: A Comprehensive Introduction. Courier Corporation (2013)

    Google Scholar 

  11. Hoffmann, R., McCreesh, C., Reilly, C.: Between subgraph isomorphism and maximum common subgraph. In: Proceedings of the AAAI Conference on Artificial Intelligence, vol. 31, no. 1 (2017)

    Google Scholar 

  12. Knauer, U., Knauer, K.: Algebraic Graph Theory: Morphisms, Monoids and Matrices. Walter de Gruyter Press, Berlin (2019)

    Google Scholar 

  13. Kulkarni, S.J.: Graph theory: applications to chemical engineering and chemistry. Galore Int. J. Appl. Sci. Human. 1(2), 17–20 (2017)

    Google Scholar 

  14. Marzuki, C.C.: Total irregularity strength of m-copies of rhombus graph. J. Phys.: Conf. Ser. 1116(2), 022023 (2018)

    Google Scholar 

  15. Palmer, I., Gelfand, B., Campbell, R.: Exploring digital evidence with graph theory. In: 2017 ADFSL Conference on Digital Forensics, Security, and Law (2017)

    Google Scholar 

  16. Qiao, Z., Koolen, J.H., Markowsky, G.: On the Cheeger constant for distance-regular graphs. J. Combinat. Theory, Ser. A 173, 105227 (2020)

    Article  MathSciNet  MATH  Google Scholar 

  17. Samsi, S., et al.: Static graph challenge: subgraph isomorphism. In: 2017 IEEE High Performance Extreme Computing Conference (HPEC), pp. 1–6, September 2017

    Google Scholar 

  18. Sporns, O.: Graph theory methods: applications in brain networks. Dial. Clin. Neurosci. 20(2), 111 (2018)

    Article  Google Scholar 

  19. Wang, W.: A graph-oriented approach for network forensic analysis. Dissertation, Iowa State (2010). https://lib.dr.iastate.edu/cgi/viewcontent.cgi?article=2722&context=etd. Acccessed 4 Aug 2021

  20. Takahashi, D., Xiao, Y, Meng, K.: Creating user-relationship-graph in use of flow-net and log files for computer and network accountability and forensics. In: 2010-MILCOM 2010 Military Communications Conference (2010)

    Google Scholar 

  21. Barrère, M., Steiner, R.V., Mohsen, R., Lupu, E.C.: Tracking the bad guys: an efficient forensic methodology to trace multi-step attacks using core attack graphs. In: 2017 13th International Conference on Network and Service Management (CNSM), pp. 1–7 (2017)

    Google Scholar 

  22. Milling, C., Caramanis, C., Mannor, S., Shakkottai, S.: Network forensics: random infection vs spreading epidemic. ACM SIGMETRICS Perform. Eval. Rev. 40(1), 223–234 (2012)

    Google Scholar 

  23. Valsesia, D., Coluccia, G., Bianchi, T., Magli, E.: Compressed fingerprint matching and camera identification via random projections. IEEE Trans. Inf. Forensics Secur. 10(7), 1472–1485 (2015)

    Article  Google Scholar 

  24. Lee, W., Cho, S., Choi, H., Kim, J.: Partial fingerprint matching using minutiae and ridge shape features for small fingerprint scanners. Exp. Syst. Appl.: Int. J. 87(C), 183–198 (2017)

    Google Scholar 

  25. Easttom, C.: A systematic framework for network forensics based on graph theory. University of Portsmouth (2021)

    Google Scholar 

  26. Thulasiraman, K., Arumugam, S., Nishizeki, T., Brandstädt, A.: Handbook of Graph Theory, Combinatorial Optimization, and Algorithms. Taylor & Francis (2016)

    Google Scholar 

  27. Linke, N.M., Johri, S., Figgatt, C., Landsman, K.A., Matsuura, A.Y., Monroe, C.: Measuring the Rényi entropy of a two-site Fermi-Hubbard model on a trapped ion quantum computer. Phys. Rev. 98(5), 052334 (2018)

    Article  Google Scholar 

  28. Hayashi, M. (2017). Quantum Information Theory. Graduate Texts in Physics, no. 2. Springer Press, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-49725-8

  29. Mishra, S., Ayyub, B.M.: Shannon entropy for quantifying uncertainty and risk in economic disparity. Risk Anal. 39(10), 2160–2181 (2019)

    Article  Google Scholar 

  30. Dehmer, M., Emmert-Streib, F. (eds.): Quantitative Graph Theory: Mathematical Foundations and Applications. CRC Press, New York (2014)

    Google Scholar 

  31. De Meo, P., Messina, F., Rosaci, D., Sarné, G.M., Vasilakos, A.V.: Estimating graph robustness through the Randic index. IEEE Trans. Cybern. 48(11), 3232–3242 (2017)

    Google Scholar 

  32. Kim, S.J., Ozeki, K.: A note on a Brooks’ type theorem for DP-coloring. J. Graph Theory 91(2), 148–161 (2019)

    Article  MathSciNet  MATH  Google Scholar 

  33. Parimala, M., Broumi, S., Prakash, K., Topal, S.: Bellman-Ford algorithm for solving shortest path problem of a network under picture fuzzy environment. Comp. Intell. Syst. 7(5), 2373–2381 (2021)

    Article  Google Scholar 

  34. Easttom, C.: A systems approach to indicators of compromise utilizing graph theory. In: 2018 IEEE International Symposium on Technologies for Homeland Security (2018)

    Google Scholar 

  35. Easttom, C.: How to model digital forensics investigations with graph theory. Digit. Forensics Mag. 37 (2018)

    Google Scholar 

  36. Easttom, C.: On the application of algebraic graph theory to modeling network intrusions. 2020 IEEE 10th Annual Computing and Communication Conference (2020)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Georgetown University, Washington, DC, USA

    Chuck Easttom

Authors
  1. Chuck Easttom
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Chuck Easttom .

Editor information

Editors and Affiliations

  1. Saga University, Saga, Japan

    Kohei Arai

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Easttom, C. (2022). A Graph Theoretical Methodology for Network Intrusion Fingerprinting and Attack Attribution. In: Arai, K. (eds) Intelligent Computing. SAI 2022. Lecture Notes in Networks and Systems, vol 508. Springer, Cham. https://doi.org/10.1007/978-3-031-10467-1_34

Download citation

Publish with us

Policies and ethics

Search

Navigation