11,595 research outputs found
Botnet Detection using Social Graph Analysis
Signature-based botnet detection methods identify botnets by recognizing
Command and Control (C&C) traffic and can be ineffective for botnets that use
new and sophisticated mechanisms for such communications. To address these
limitations, we propose a novel botnet detection method that analyzes the
social relationships among nodes. The method consists of two stages: (i)
anomaly detection in an "interaction" graph among nodes using large deviations
results on the degree distribution, and (ii) community detection in a social
"correlation" graph whose edges connect nodes with highly correlated
communications. The latter stage uses a refined modularity measure and
formulates the problem as a non-convex optimization problem for which
appropriate relaxation strategies are developed. We apply our method to
real-world botnet traffic and compare its performance with other community
detection methods. The results show that our approach works effectively and the
refined modularity measure improves the detection accuracy.
Comment: 7 pages. Allerton Conferenc
Knowledge graph analysis of particles in Japanese
The theory of knowledge graphs is a structuralistic theory of language. Its ontology consists of eight types of binary relationships and four types of so-called frames. The relationships connect so-called tokens, that represent semantic units. In this way a graph structure arises. Japanese particles are investigated against the background of knowledge graph ontology. It is shown that the structure of Japanese closely resembles the structure of the knowledge graph representation of language
Large Graph Analysis in the GMine System
Current applications have produced graphs on the order of hundreds of
thousands of nodes and millions of edges. To take advantage of such graphs, one
must be able to find patterns, outliers and communities. These tasks are better
performed in an interactive environment, where human expertise can guide the
process. For large graphs, though, there are some challenges: the excessive
processing requirements are prohibitive, and drawing hundred-thousand nodes
results in cluttered images hard to comprehend. To cope with these problems, we
propose an innovative framework suited for any kind of tree-like graph visual
design. GMine integrates (a) a representation for graphs organized as
hierarchies of partitions - the concepts of SuperGraph and Graph-Tree; and (b)
a graph summarization methodology - CEPS. Our graph representation deals with
the problem of tracing the connection aspects of a graph hierarchy with
sublinear complexity, allowing one to grasp the neighborhood of a single node or
of a group of nodes in a single click. As a proof of concept, the visual
environment of GMine is instantiated as a system in which large graphs can be
investigated globally and locally
- …