Abstract
The Activity and Event Network (AEN) is a new large graph model that supports continuous, real-time description and analysis of key security-relevant information about the operations of networked systems and data centers. The model allows identifying long-term and stealthy attack patterns, which may be difficult to capture using traditional approaches. This chapter defines the model elements and the underlying graph construction algorithms, and presents a case study based on a cyber-physical security dataset.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Quinan, P.G., Traoré, I., Woungang, I. (2023). Activity and Event Network Graph and Application to Cyber-Physical Security. In: Traore, I., Woungang, I., Saad, S. (eds) Artificial Intelligence for Cyber-Physical Systems Hardening. Engineering Cyber-Physical Systems and Critical Infrastructures, vol 2. Springer, Cham. https://doi.org/10.1007/978-3-031-16237-4_10
DOI: https://doi.org/10.1007/978-3-031-16237-4_10
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-16236-7
Online ISBN: 978-3-031-16237-4
eBook Packages: Engineering, Engineering (R0)