Estimating Infection Sources in Networks Using Partial Timestamps
We study the problem of identifying infection sources in a network based on
the network topology, and a subset of infection timestamps. In the case of a
single infection source in a tree network, we derive the maximum likelihood
estimator of the source and the unknown diffusion parameters. We then introduce
a new heuristic involving an optimization over a parametrized family of Gromov
matrices to develop a single source estimation algorithm for general graphs.
Compared with the breadth-first search tree heuristic commonly adopted in the
literature, simulations demonstrate that our approach achieves better
estimation accuracy than several other benchmark algorithms, even though these
require more information like the diffusion parameters. We next develop a
multiple sources estimation algorithm for general graphs, which first
partitions the graph into source candidate clusters, and then applies our
single source estimation algorithm to each cluster. We show that if the graph
is a tree, then each source candidate cluster contains at least one source.
Simulations using synthetic and real networks, and experiments using real-world
data suggest that our proposed algorithms are able to estimate the true
infection source(s) to within a small number of hops with a small portion of
the infection timestamps being observed.
Comment: 15 pages, 15 figures, accepted by IEEE Transactions on Information
Forensics and Securit
Evaluating the Provision of Botnet Defences using Translational Research Concepts.
Botnet research frequently draws on concepts from other fields. An example is the use of epidemiological models when studying botnet propagation, which facilitate an understanding of bot spread dynamics and the exploration of behavioural theory. Whilst the literature is rich with these models, it is lacking in work aimed at connecting the insights of theoretical research with day-to-day practice. To address this, we look at botnets through the lens of implementation science, a discipline from the field of translational research in health care, which is designed to evaluate the implementation process. In this paper, we explore key concepts of implementation science, and propose a framework-based approach to improve the provision of security measures to network entities. We demonstrate the approach using existing propagation models, and discuss the role of implementation science in malware defence
Graph-based Security and Privacy Analytics via Collective Classification with Joint Weight Learning and Propagation
Many security and privacy problems can be modeled as a graph classification
problem, where nodes in the graph are classified by collective classification
simultaneously. State-of-the-art collective classification methods for such
graph-based security and privacy analytics follow the following paradigm:
assign weights to edges of the graph, iteratively propagate reputation scores
of nodes among the weighted graph, and use the final reputation scores to
classify nodes in the graph. The key challenge is to assign edge weights such
that an edge has a large weight if the two corresponding nodes have the same
label, and a small weight otherwise. Although collective classification has
been studied and applied for security and privacy problems for more than a
decade, how to address this challenge is still an open question. In this work,
we propose a novel collective classification framework to address this
long-standing challenge. We first formulate learning edge weights as an
optimization problem, which quantifies the goals about the final reputation
scores that we aim to achieve. However, it is computationally hard to solve the
optimization problem because the final reputation scores depend on the edge
weights in a very complex way. To address the computational challenge, we
propose to jointly learn the edge weights and propagate the reputation scores,
which is essentially an approximate solution to the optimization problem. We
compare our framework with state-of-the-art methods for graph-based security
and privacy analytics using four large-scale real-world datasets from various
application scenarios such as Sybil detection in social networks, fake review
detection in Yelp, and attribute inference attacks. Our results demonstrate
that our framework achieves higher accuracies than state-of-the-art methods
with an acceptable computational overhead.
Comment: Network and Distributed System Security Symposium (NDSS), 2019.
Dataset link: http://gonglab.pratt.duke.edu/code-dat