Researchers Eye 'Topological Signatures' of Cyber Threats


2024-10-23 Pacific Northwest National Laboratory (PNNL)


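Researchers at Pacific Northwest National Laboratory (PNNL) have developed a new approach that searches for "topological signatures" that help identify cyberattacks. The method uses hypergraphs and topology to analyze data flows within cyber systems in higher dimensions. The research found patterns that indicate malicious behavior, but these can be hard to distinguish from benign behavior, and further research is needed. The approach has the potential to bring new insights to cybersecurity.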

<Related information>

Stepping Out of Flatland: Discovering Behavior Patterns as Topological Structures in Cyber Hypergraph

Helen Jenne, Sinan G. Aksoy, Daniel M. Best, Alyson Bittner, Gregory Henselman-Petrusek, Cliff Joslyn, Bill Kay, Audun Myers, Garret Seppala, Jackson Warley, Stephen J. Young, Emilie Purvine
The Next Wave, Date Issued: April 9, 2024

Data breaches and ransomware attacks occur so often that they have become part of our daily news cycle. Last year, 1,802 data compromises affected 422 million people [1]. In a 2022 op-ed co-written by the Cybersecurity and Infrastructure Security Agency Director and National Cyber Director, they described the omnipresent threat of cyberattacks as “the new normal,” writing that in the modern landscape of complex cyber threats, “our shields will likely be up for the foreseeable future” [2]. This is due to a myriad of factors, including the increasing number of Internet-of-Things devices, shift to remote work during the pandemic, and advancement in adversarial techniques—all of which contribute to the increase in both the complexity of data captured and the challenge of protecting our networks. At the same time, cyber research has made strides, leveraging advances in machine learning and natural language processing to focus on identifying sophisticated attacks that are known to evade conventional measures. While successful, the shortcomings of these methods, particularly the lack of interpretability, are inherent and difficult to overcome. Consequently, there is an ever-increasing need to develop new tools for analyzing cyber data to enable more effective attack detection. In this article, we present a novel framework based in the theory of hypergraphs and topology to understand data from cyber networks through topological signatures, which are both flexible and can be traced back to the log data. While our approach’s mathematical grounding requires some technical development, this pays off in interpretability, which we will demonstrate with concrete examples in a large-scale cyber network dataset. These examples are an introduction to the broader possibilities that lie ahead; our goal is to demonstrate the value of applying methods from the burgeoning fields of hypernetwork science and applied topology to understand relationships among behaviors in cyber data.
