  • DocumentCode
    77350
  • Title
    Probabilistic Threat Propagation for Network Security
  • Author
    Carter, Kevin M. ; Idika, Nwokedi ; Streilein, William W.
  • Author_Institution
    MIT Lincoln Lab., Lexington, MA, USA
  • Volume
    9
  • Issue
    9
  • fYear
    2014
  • fDate
    Sept. 2014
  • Firstpage
    1394
  • Lastpage
    1405
  • Abstract
    Techniques for network security analysis have historically focused on the actions of the network hosts. Outside of forensic analysis, little has been done to detect or predict malicious or infected nodes strictly based on their association with other known malicious nodes. This methodology is highly prevalent in the graph analytics world, however, and is referred to as community detection. In this paper, we present a method for detecting malicious and infected nodes on both monitored networks and the external Internet. We leverage prior community detection and graphical modeling work by propagating threat probabilities across network nodes, given an initial set of known malicious nodes. We enhance prior work by employing constraints that remove the adverse effect of cyclic propagation that is a byproduct of current methods. We demonstrate the effectiveness of probabilistic threat propagation on the tasks of detecting botnets and malicious web destinations.
  • Keywords
    Internet; computer network security; digital forensics; graph theory; probability; Botnets detection; community detection; cyclic propagation; external Internet; forensic analysis; graph analytics world; graphical modeling work; infected nodes; malicious Web destinations; malicious nodes; monitored networks; network hosts; network security analysis; probabilistic threat propagation; threat probabilities; Communication networks; Communities; Peer-to-peer computing; Probabilistic logic; Probability; Security; Upper bound; Blacklist; Network security; botnet; community detection; graph algorithms;
  • fLanguage
    English
  • Journal_Title
    Information Forensics and Security, IEEE Transactions on
  • Publisher
    IEEE
  • ISSN
    1556-6013
  • Type
    jour
  • DOI
    10.1109/TIFS.2014.2334272
  • Filename
    6847231