A review on graph-based approaches for network security monitoring and botnet detection

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F24%3A00135191" target="_blank" >RIV/00216224:14610/24:00135191 - isvavai.cz</a>

Výsledek na webu

<a href="https://link.springer.com/article/10.1007/s10207-023-00742-7" target="_blank" >https://link.springer.com/article/10.1007/s10207-023-00742-7</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1007/s10207-023-00742-7" target="_blank" >10.1007/s10207-023-00742-7</a>

Jazyk výsledku

angličtina

Název v původním jazyce

A review on graph-based approaches for network security monitoring and botnet detection

Popis výsledku v původním jazyce

This survey paper provides a comprehensive overview of recent research and development in network security that uses graphs and graph-based data representation and analytics. The paper focuses on the graph-based representation of network traffic records and the application of graph-based analytics in intrusion detection and botnet detection. The paper aims to answer several questions related to graph-based approaches in network security, including the types of graphs used to represent network security data, the approaches used to analyze such graphs, the metrics used for detection and monitoring, and the reproducibility of existing works. The paper presents a survey of graph models used to represent, store, and visualize network security data, a survey of the algorithms and approaches used to analyze such data, and an enumeration of the most important graph features used for network security analytics for monitoring and botnet detection. The paper also discusses the challenges and limitations of using graph-based approaches in network security and identifies potential future research directions. Overall, this survey paper provides a valuable resource for researchers and practitioners in the field of network security who are interested in using graph-based approaches for analyzing and detecting malicious activities in networks.

Název v anglickém jazyce

A review on graph-based approaches for network security monitoring and botnet detection

Popis výsledku anglicky

This survey paper provides a comprehensive overview of recent research and development in network security that uses graphs and graph-based data representation and analytics. The paper focuses on the graph-based representation of network traffic records and the application of graph-based analytics in intrusion detection and botnet detection. The paper aims to answer several questions related to graph-based approaches in network security, including the types of graphs used to represent network security data, the approaches used to analyze such graphs, the metrics used for detection and monitoring, and the reproducibility of existing works. The paper presents a survey of graph models used to represent, store, and visualize network security data, a survey of the algorithms and approaches used to analyze such data, and an enumeration of the most important graph features used for network security analytics for monitoring and botnet detection. The paper also discusses the challenges and limitations of using graph-based approaches in network security and identifies potential future research directions. Overall, this survey paper provides a valuable resource for researchers and practitioners in the field of network security who are interested in using graph-based approaches for analyzing and detecting malicious activities in networks.

Druh

J_imp - Článek v periodiku v databázi Web of Science

CEP obor

—

OECD FORD obor

10200 - Computer and information sciences

Projekt

<a href="/cs/project/EF16_019%2F0000822" target="_blank" >EF16_019/0000822: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2024

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

International Journal of Information Security

ISSN

1615-5262

e-ISSN

1615-5270

Svazek periodika

23

Číslo periodika v rámci svazku

1

Stát vydavatele periodika

US - Spojené státy americké

Počet stran výsledku

22

Strana od-do

119-140

Kód UT WoS článku

001062032500001

EID výsledku v databázi Scopus

2-s2.0-85169463507