Graph Coarsening for Path Finding in Cybersecurity Graphs
Abstract
n the pass-the-hash attack, hackers repeatedly steal password hashes and move through a computer network with the goal of reaching a computer with high level administrative privileges. In this paper we apply graph coarsening in network graphs for the purpose of detecting hackers using this attack or assessing the risk level of the network's current state. We repeatedly take graph minors, which preserve the existence of paths in the graph, and take powers of the adjacency matrix to count the paths. This allows us to detect the existence of paths as well as find paths that have high risk of being used by adversaries.
- Authors:
- Publication Date:
- Research Org.:
- Pacific Northwest National Lab. (PNNL), Richland, WA (United States)
- Sponsoring Org.:
- USDOE
- OSTI Identifier:
- 1148631
- Report Number(s):
- PNNL-SA-90064
- DOE Contract Number:
- AC05-76RL01830
- Resource Type:
- Conference
- Resource Relation:
- Conference: Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop (CSIIRW 2013), January 8-10, 2013, Oak Ridge, Tennessee, Paper No. 7
- Country of Publication:
- United States
- Language:
- English
Citation Formats
Hogan, Emilie A., Johnson, John R., and Halappanavar, Mahantesh. Graph Coarsening for Path Finding in Cybersecurity Graphs. United States: N. p., 2013.
Web. doi:10.1145/2459976.2459984.
Hogan, Emilie A., Johnson, John R., & Halappanavar, Mahantesh. Graph Coarsening for Path Finding in Cybersecurity Graphs. United States. https://doi.org/10.1145/2459976.2459984
Hogan, Emilie A., Johnson, John R., and Halappanavar, Mahantesh. 2013.
"Graph Coarsening for Path Finding in Cybersecurity Graphs". United States. https://doi.org/10.1145/2459976.2459984.
@article{osti_1148631,
title = {Graph Coarsening for Path Finding in Cybersecurity Graphs},
author = {Hogan, Emilie A. and Johnson, John R. and Halappanavar, Mahantesh},
abstractNote = {n the pass-the-hash attack, hackers repeatedly steal password hashes and move through a computer network with the goal of reaching a computer with high level administrative privileges. In this paper we apply graph coarsening in network graphs for the purpose of detecting hackers using this attack or assessing the risk level of the network's current state. We repeatedly take graph minors, which preserve the existence of paths in the graph, and take powers of the adjacency matrix to count the paths. This allows us to detect the existence of paths as well as find paths that have high risk of being used by adversaries.},
doi = {10.1145/2459976.2459984},
url = {https://www.osti.gov/biblio/1148631},
journal = {},
number = ,
volume = ,
place = {United States},
year = {Tue Jan 01 00:00:00 EST 2013},
month = {Tue Jan 01 00:00:00 EST 2013}
}
Other availability
Please see Document Availability for additional information on obtaining the full-text document. Library patrons may search WorldCat to identify libraries that hold this conference proceeding.
Save to My Library
You must Sign In or Create an Account in order to save documents to your library.