"Graph Entropy, Network Coding and Guessing games"

We introduce the (private) entropy of a directed graph (in a new network coding sense) as well as a number of related concepts. We show that the entropy of a directed graph is identical to its guessing number and can be bounded from below with the number of vertices minus the size of the graph’s shortest index code. We show that the Network Coding solvability of each specific multiple unicast network is completely determined by the entropy (as well as by the shortest index code) of the directed graph that occur by identifying each source node with each corresponding target node. Shannon’s information inequalities can be used to calculate up- per bounds on a graph’s entropy as well as calculating the size of the minimal index code. Recently, a number of new families of so-called non-shannon-type information inequalities have been discovered. It has been shown that there exist communication networks with a ca- pacity strictly ess than required for solvability, but where this fact cannot be derived using Shannon’s classical information inequalities. Based on this result we show that there exist graphs with an entropy that cannot be calculated using only Shannon’s classical information inequalities, and show that better estimate can be obtained by use of certain non-shannon-type information inequalities

Guessing Numbers of Odd Cycles

For a given number of colours, $s$, the guessing number of a graph is the base $s$ logarithm of the size of the largest family of colourings of the vertex set of the graph such that the colour of each vertex can be determined from the colours of the vertices in its neighbourhood. An upper bound for the guessing number of the $n$-vertex cycle graph $C_n$ is $n/2$. It is known that the guessing number equals $n/2$ whenever $n$ is even or $s$ is a perfect square \cite{Christofides2011guessing}. We show that, for any given integer $s\geq 2$, if $a$ is the largest factor of $s$ less than or equal to $\sqrt{s}$, for sufficiently large odd $n$, the guessing number of $C_n$ with $s$ colours is $(n-1)/2 + \log_s(a)$. This answers a question posed by Christofides and Markstr\"{o}m in 2011 \cite{Christofides2011guessing}. We also present an explicit protocol which achieves this bound for every $n$. Linking this to index coding with side information, we deduce that the information defect of $C_n$ with $s$ colours is $(n+1)/2 - \log_s(a)$ for sufficiently large odd $n$. Our results are a generalisation of the $s=2$ case which was proven in \cite{bar2011index}.Comment: 16 page

Extremal/Saturation Numbers for Guessing Numbers of Undirected Graphs

Hat guessing games—logic puzzles where a group of players must try to guess the color of their own hat—have been a fun party game for decades but have become of academic interest to mathematicians and computer scientists in the past 20 years. In 2006, Søren Riis, a computer scientist, introduced a new variant of the hat guessing game as well as an associated graph invariant, the guessing number, that has applications to network coding and circuit complexity. In this thesis, to better understand the nature of the guessing number of undirected graphs we apply the concept of saturation to guessing numbers and investigate the extremal and saturation numbers of guessing numbers. We define and determine the extremal number in terms of edges for the guessing number by using the previously established bound of the guessing number by the chromatic number of the complement. We also use the concept of graph entropy, also developed by Søren Riis, to find a constant bound on the saturation number of the guessing number

SSHCure: a flow-based SSH intrusion detection system

SSH attacks are a main area of concern for network managers, due to the danger associated with a successful compromise. Detecting these attacks, and possibly compromised victims, is therefore a crucial activity. Most existing network intrusion detection systems designed for this purpose rely on the inspection of individual packets and, hence, do not scale to today's high-speed networks. To overcome this issue, this paper proposes SSHCure, a flow-based intrusion detection system for SSH attacks. It employs an efficient algorithm for the real-time detection of ongoing attacks and allows identification of compromised attack targets. A prototype implementation of the algorithm, including a graphical user interface, is implemented as a plugin for the popular NfSen monitoring tool. Finally, the detection performance of the system is validated with empirical traffic data