DOI: 10.1145/3528580.3532839
research-article

Explainability in Cyber Security using Complex Network Analysis: A Brief Methodological Overview

Published: 21 July 2022

Abstract

Artificial intelligence (AI) approaches are widely applied in cyber security, while they currently lack explainability towards their users. Here, complex network analysis (CNA) can be leveraged for providing explainability. The goal of this overview paper is to present a brief methodological view on explainability in cyber security using CNA. In particular, we (1) motivate the concept, use and application of explainability, (2) present CNA methods, and (3) outline challenges and open issues in the domain of cyber security.

Published In

EICC '22: Proceedings of the 2022 European Interdisciplinary Cybersecurity Conference
June 2022
114 pages
ISBN:9781450396035
DOI:10.1145/3528580
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. Complex Network Analysis
  2. Cyber Security
  3. Explainable AI

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Conference

EICC 2022
