Discovery of persistent threat structures through temporal and geo-spatial characterization in evolving networks

Author

Namayanja, Josephine M. ; Janeja, Vandana P.

Author_Institution

Dept. of Inf. Syst., Univ. of Maryland, Baltimore, MD, USA

fYear

2013

fDate

4-7 June 2013

Firstpage

191

Lastpage

196

Abstract

The focus of this paper is to characterize the behavior of large, evolving networks, in terms of central nodes to identify patterns that may be conducive to persistent threat structures over time and geo-spatial regions. We propose an approach to monitor central nodes to determine Consistency and Inconsistency (CoIn) in their availability across time periods. Our approach also identifies the time periods and spatial regions associated with CoIn. We present experimental results using real world internet traffic trace data which indicates the potential of our approach to identify actionable information in terms of identifying locations of interest and patterns of deviations.

Keywords

Internet; set theory; telecommunication traffic; CoIn; actionable information identification; central node monitoring; consistency-and-inconsistency; evolving networks; geo-spatial characterization; location-of-interest identification; pattern-of-deviation identification; persistent threat structure discovery; real-world Internet traffic trace data; spatial regions; temporal characterization; time periods; Accuracy; Availability; Communication networks; Correlation; Internet; Monitoring; Organizations; centrality; persistent threats; spatio-temporal mining;

fLanguage

English

Publisher

ieee

Conference_Titel

Intelligence and Security Informatics (ISI), 2013 IEEE International Conference on

Conference_Location

Seattle, WA

Print_ISBN

978-1-4673-6214-6

Type

conf

DOI

10.1109/ISI.2013.6578817

Filename

6578817