Graph Analytics for Signature Discovery
Abstract
Within large amounts of seemingly unstructured data it can be diffcult to find signatures of events. In our work we transform unstructured data into a graph representation. By doing this we expose underlying structure in the data and can take advantage of existing graph analytics capabilities, as well as develop new capabilities. Currently we focus on applications in cybersecurity and communication domains. Within cybersecurity we aim to find signatures for perpetrators using the pass-the-hash attack, and in communications we look for emails or phone calls going up or down a chain of command. In both of these areas, and in many others, the signature we look for is a path with certain temporal properties. In this paper we discuss our methodology for finding these temporal paths within large graphs.
- Authors:
- Publication Date:
- Research Org.:
- Pacific Northwest National Lab. (PNNL), Richland, WA (United States)
- Sponsoring Org.:
- USDOE
- OSTI Identifier:
- 1144838
- Report Number(s):
- PNNL-SA-94756
- DOE Contract Number:
- AC05-76RL01830
- Resource Type:
- Conference
- Resource Relation:
- Conference: IEEE International Conference on Intelligence and Security Informatics (ISI 2013), June 4-7, 2013, Seattle, Washington, 315-320
- Country of Publication:
- United States
- Language:
- English
- Subject:
- Signature Science
Citation Formats
Hogan, Emilie A., Johnson, John R., Halappanavar, Mahantesh, and Lo, Chaomei. Graph Analytics for Signature Discovery. United States: N. p., 2013.
Web. doi:10.1109/ISI.2013.6578850.
Hogan, Emilie A., Johnson, John R., Halappanavar, Mahantesh, & Lo, Chaomei. Graph Analytics for Signature Discovery. United States. https://doi.org/10.1109/ISI.2013.6578850
Hogan, Emilie A., Johnson, John R., Halappanavar, Mahantesh, and Lo, Chaomei. 2013.
"Graph Analytics for Signature Discovery". United States. https://doi.org/10.1109/ISI.2013.6578850.
@article{osti_1144838,
title = {Graph Analytics for Signature Discovery},
author = {Hogan, Emilie A. and Johnson, John R. and Halappanavar, Mahantesh and Lo, Chaomei},
abstractNote = {Within large amounts of seemingly unstructured data it can be diffcult to find signatures of events. In our work we transform unstructured data into a graph representation. By doing this we expose underlying structure in the data and can take advantage of existing graph analytics capabilities, as well as develop new capabilities. Currently we focus on applications in cybersecurity and communication domains. Within cybersecurity we aim to find signatures for perpetrators using the pass-the-hash attack, and in communications we look for emails or phone calls going up or down a chain of command. In both of these areas, and in many others, the signature we look for is a path with certain temporal properties. In this paper we discuss our methodology for finding these temporal paths within large graphs.},
doi = {10.1109/ISI.2013.6578850},
url = {https://www.osti.gov/biblio/1144838},
journal = {},
number = ,
volume = ,
place = {United States},
year = {Sat Jun 01 00:00:00 EDT 2013},
month = {Sat Jun 01 00:00:00 EDT 2013}
}