A new approach to combine multiplex networks and time series attributes: Building intrusion detection systems (IDS) in cybersecurity. (September 2021)
- Record Type:
- Journal Article
- Title:
- A new approach to combine multiplex networks and time series attributes: Building intrusion detection systems (IDS) in cybersecurity. (September 2021)
- Main Title:
- A new approach to combine multiplex networks and time series attributes: Building intrusion detection systems (IDS) in cybersecurity
- Authors:
- Iglesias Pérez, Sergio
Moral-Rubio, Santiago
Criado, Regino
- Abstract:
- Highlights: A new computationally and temporally efficient methodology to represent the relationships between assets through a multiplexed network whose edges include temporal attributes. A combination of two mathematical domains (signal processing and complex networks) increases the accuracy of each of them separately. An application of a new methodology in the cybersecurity domain provides promising results with a more computationally efficient effort.
Abstract: Intrusion Detection Systems (IDS) are fundamental tools in cybersecurity environments. In this paper, we present a new methodology for the creation of intrusion detection systems (IDS) based on a strategy that combines the use of multiplex networks and time series analysis to provide a probability that an IP address be an attacker in a certain time. This approach reduces the number of alerts to a small number of IP addresses as well as the computation effort by not having to analyze each event independently. The evaluation of all traffic happens only at pre-defined times. The methodology relies on both the original utilization of some unsupervised machine learning techniques and on the use of certain time series attributes and their representation as a complex multiplex network, achieving a very significant reduction in the dimensionality of the resulting data representation. The result is a very effective intrusion detection system in large corporate environments and a new approach in the representation of the analyzed data as shown in the real case presented. …
- Is Part Of:
- Chaos, solitons and fractals. Volume 150(2021)
- Journal:
- Chaos, solitons and fractals
- Issue:
- Volume 150(2021)
- Issue Display:
- Volume 150, Issue 2021 (2021)
- Year:
- 2021
- Volume:
- 150
- Issue:
- 2021
- Issue Sort Value:
- 2021-0150-2021-0000
- Page Start:
- Page End:
- Publication Date:
- 2021-09
- Subjects:
- Multiplex networks -- Time series -- Machine learning -- Cybersecurity
Chaotic behavior in systems -- Periodicals
Solitons -- Periodicals
Fractals -- Periodicals
Chaotic behavior in systems
Fractals
Solitons
Periodicals
003.7
- Journal URLs:
- http://www.elsevier.com/journals
http://www.sciencedirect.com/science/journal/09600779
- DOI:
- 10.1016/j.chaos.2021.111143
- Languages:
- English
- ISSNs:
- 0960-0779
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3129.716000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 17797.xml