Discovering collaborative cyber attack patterns using social network analysis

Authors:
Haitao Du;Shanchieh Jay Yang
Affiliations:
Department of Computer Engineering, Rochester Institute of Technology, Rochester, New York;Department of Computer Engineering, Rochester Institute of Technology, Rochester, New York
Venue:
SBP'11 Proceedings of the 4th international conference on Social computing, behavioral-cultural modeling and prediction
Year:
2011

Citing 4
Cited 0

Data clustering: a review

ACM Computing Surveys (CSUR)
Internet intrusions: global characteristics and prevalence

SIGMETRICS '03 Proceedings of the 2003 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
A brief history of scanning

Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
BotMiner: clustering analysis of network traffic for protocol- and structure-independent botnet detection

SS'08 Proceedings of the 17th conference on Security symposium

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper investigates collaborative cyber attacks based on social network analysis. An Attack Social Graph (ASG) is defined to represent cyber attacks on the Internet. Features are extracted from ASGs to analyze collaborative patterns. We use principle component analysis to reduce the feature space, and hierarchical clustering to group attack sources that exhibit similar behavior. Experiments with real world data illustrate that our framework can effectively reduce from large dataset to clusters of attack sources exhibiting critical collaborative patterns.