Flurry: a Fast Framework for Reproducible Multi-layered Provenance Graph Representation Learning
Complex heterogeneous dynamic networks like knowledge graphs are powerful constructs that can be used in modeling data provenance from computer systems. From a security perspective, these attributed graphs enable causality analysis and tracing for analyzing a myriad of cyberattacks. However, there i...
Gespeichert in:
| Veröffentlicht in: | arXiv.org 2022-03 |
|---|---|
| Hauptverfasser: | , , , , , |
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | arXiv.org |
| container_volume | |
| creator | Kapoor, Maya Melton, Joshua Ridenhour, Michael Mahalavanya Sriram Moyer, Thomas Krishnan, Siddharth |
| description | Complex heterogeneous dynamic networks like knowledge graphs are powerful constructs that can be used in modeling data provenance from computer systems. From a security perspective, these attributed graphs enable causality analysis and tracing for analyzing a myriad of cyberattacks. However, there is a paucity in systematic development of pipelines that transform system executions and provenance into usable graph representations for machine learning tasks. This lack of instrumentation severely inhibits scientific advancement in provenance graph machine learning by hindering reproducibility and limiting the availability of data that are critical for techniques like graph neural networks. To fulfill this need, we present Flurry, an end-to-end data pipeline which simulates cyberattacks, captures provenance data from these attacks at multiple system and application layers, converts audit logs from these attacks into data provenance graphs, and incorporates this data with a framework for training deep neural models that supports preconfigured or custom-designed models for analysis in real-world resilient systems. We showcase this pipeline by processing data from multiple system attacks and performing anomaly detection via graph classification using current benchmark graph representational learning frameworks. Flurry provides a fast, customizable, extensible, and transparent solution for providing this much needed data to cybersecurity professionals. |
| format | Article |
| fullrecord | <record><control><sourceid>proquest</sourceid><recordid>TN_cdi_proquest_journals_2637209008</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2637209008</sourcerecordid><originalsourceid>FETCH-proquest_journals_26372090083</originalsourceid><addsrcrecordid>eNqNjMEOATEUABuJhOAfXuK8SbVYXMVyIBFx5-EtS7W8tmT_3kZ8gNMcZjI10VRa95JRX6mG6Hh_lVKqYaoGA90U-8xE5nICCBn6ABnjnd6Ob5A7hg092J3isTgYglU0oUgMlsR0gjW7F1m0R4I54-PybcmTDRgKZ2FJyLaw57ao52g8dX5siW42204XSXV-RvJhd3WRbaV2aqhTJcdSjvR_1QfxH0UV</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2637209008</pqid></control><display><type>article</type><title>Flurry: a Fast Framework for Reproducible Multi-layered Provenance Graph Representation Learning</title><source>Free E- Journals</source><creator>Kapoor, Maya ; Melton, Joshua ; Ridenhour, Michael ; Mahalavanya Sriram ; Moyer, Thomas ; Krishnan, Siddharth</creator><creatorcontrib>Kapoor, Maya ; Melton, Joshua ; Ridenhour, Michael ; Mahalavanya Sriram ; Moyer, Thomas ; Krishnan, Siddharth</creatorcontrib><description>Complex heterogeneous dynamic networks like knowledge graphs are powerful constructs that can be used in modeling data provenance from computer systems. From a security perspective, these attributed graphs enable causality analysis and tracing for analyzing a myriad of cyberattacks. However, there is a paucity in systematic development of pipelines that transform system executions and provenance into usable graph representations for machine learning tasks. This lack of instrumentation severely inhibits scientific advancement in provenance graph machine learning by hindering reproducibility and limiting the availability of data that are critical for techniques like graph neural networks. To fulfill this need, we present Flurry, an end-to-end data pipeline which simulates cyberattacks, captures provenance data from these attacks at multiple system and application layers, converts audit logs from these attacks into data provenance graphs, and incorporates this data with a framework for training deep neural models that supports preconfigured or custom-designed models for analysis in real-world resilient systems. We showcase this pipeline by processing data from multiple system attacks and performing anomaly detection via graph classification using current benchmark graph representational learning frameworks. Flurry provides a fast, customizable, extensible, and transparent solution for providing this much needed data to cybersecurity professionals.</description><identifier>EISSN: 2331-8422</identifier><language>eng</language><publisher>Ithaca: Cornell University Library, arXiv.org</publisher><subject>Anomalies ; Cognitive tasks ; Cybersecurity ; Data processing ; Graph neural networks ; Graph representations ; Graphical representations ; Graphs ; Knowledge representation ; Machine learning ; Multilayers ; Reproducibility</subject><ispartof>arXiv.org, 2022-03</ispartof><rights>2022. This work is published under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>780,784</link.rule.ids></links><search><creatorcontrib>Kapoor, Maya</creatorcontrib><creatorcontrib>Melton, Joshua</creatorcontrib><creatorcontrib>Ridenhour, Michael</creatorcontrib><creatorcontrib>Mahalavanya Sriram</creatorcontrib><creatorcontrib>Moyer, Thomas</creatorcontrib><creatorcontrib>Krishnan, Siddharth</creatorcontrib><title>Flurry: a Fast Framework for Reproducible Multi-layered Provenance Graph Representation Learning</title><title>arXiv.org</title><description>Complex heterogeneous dynamic networks like knowledge graphs are powerful constructs that can be used in modeling data provenance from computer systems. From a security perspective, these attributed graphs enable causality analysis and tracing for analyzing a myriad of cyberattacks. However, there is a paucity in systematic development of pipelines that transform system executions and provenance into usable graph representations for machine learning tasks. This lack of instrumentation severely inhibits scientific advancement in provenance graph machine learning by hindering reproducibility and limiting the availability of data that are critical for techniques like graph neural networks. To fulfill this need, we present Flurry, an end-to-end data pipeline which simulates cyberattacks, captures provenance data from these attacks at multiple system and application layers, converts audit logs from these attacks into data provenance graphs, and incorporates this data with a framework for training deep neural models that supports preconfigured or custom-designed models for analysis in real-world resilient systems. We showcase this pipeline by processing data from multiple system attacks and performing anomaly detection via graph classification using current benchmark graph representational learning frameworks. Flurry provides a fast, customizable, extensible, and transparent solution for providing this much needed data to cybersecurity professionals.</description><subject>Anomalies</subject><subject>Cognitive tasks</subject><subject>Cybersecurity</subject><subject>Data processing</subject><subject>Graph neural networks</subject><subject>Graph representations</subject><subject>Graphical representations</subject><subject>Graphs</subject><subject>Knowledge representation</subject><subject>Machine learning</subject><subject>Multilayers</subject><subject>Reproducibility</subject><issn>2331-8422</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2022</creationdate><recordtype>article</recordtype><sourceid>ABUWG</sourceid><sourceid>AFKRA</sourceid><sourceid>AZQEC</sourceid><sourceid>BENPR</sourceid><sourceid>CCPQU</sourceid><sourceid>DWQXO</sourceid><recordid>eNqNjMEOATEUABuJhOAfXuK8SbVYXMVyIBFx5-EtS7W8tmT_3kZ8gNMcZjI10VRa95JRX6mG6Hh_lVKqYaoGA90U-8xE5nICCBn6ABnjnd6Ob5A7hg092J3isTgYglU0oUgMlsR0gjW7F1m0R4I54-PybcmTDRgKZ2FJyLaw57ao52g8dX5siW42204XSXV-RvJhd3WRbaV2aqhTJcdSjvR_1QfxH0UV</recordid><startdate>20220305</startdate><enddate>20220305</enddate><creator>Kapoor, Maya</creator><creator>Melton, Joshua</creator><creator>Ridenhour, Michael</creator><creator>Mahalavanya Sriram</creator><creator>Moyer, Thomas</creator><creator>Krishnan, Siddharth</creator><general>Cornell University Library, arXiv.org</general><scope>8FE</scope><scope>8FG</scope><scope>ABJCF</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>HCIFZ</scope><scope>L6V</scope><scope>M7S</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><scope>PTHSS</scope></search><sort><creationdate>20220305</creationdate><title>Flurry: a Fast Framework for Reproducible Multi-layered Provenance Graph Representation Learning</title><author>Kapoor, Maya ; Melton, Joshua ; Ridenhour, Michael ; Mahalavanya Sriram ; Moyer, Thomas ; Krishnan, Siddharth</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-proquest_journals_26372090083</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2022</creationdate><topic>Anomalies</topic><topic>Cognitive tasks</topic><topic>Cybersecurity</topic><topic>Data processing</topic><topic>Graph neural networks</topic><topic>Graph representations</topic><topic>Graphical representations</topic><topic>Graphs</topic><topic>Knowledge representation</topic><topic>Machine learning</topic><topic>Multilayers</topic><topic>Reproducibility</topic><toplevel>online_resources</toplevel><creatorcontrib>Kapoor, Maya</creatorcontrib><creatorcontrib>Melton, Joshua</creatorcontrib><creatorcontrib>Ridenhour, Michael</creatorcontrib><creatorcontrib>Mahalavanya Sriram</creatorcontrib><creatorcontrib>Moyer, Thomas</creatorcontrib><creatorcontrib>Krishnan, Siddharth</creatorcontrib><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>Materials Science & Engineering Collection</collection><collection>ProQuest Central (Alumni Edition)</collection><collection>ProQuest Central UK/Ireland</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Central</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Engineering Collection</collection><collection>Engineering Database</collection><collection>Publicly Available Content Database</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><collection>Engineering Collection</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Kapoor, Maya</au><au>Melton, Joshua</au><au>Ridenhour, Michael</au><au>Mahalavanya Sriram</au><au>Moyer, Thomas</au><au>Krishnan, Siddharth</au><format>book</format><genre>document</genre><ristype>GEN</ristype><atitle>Flurry: a Fast Framework for Reproducible Multi-layered Provenance Graph Representation Learning</atitle><jtitle>arXiv.org</jtitle><date>2022-03-05</date><risdate>2022</risdate><eissn>2331-8422</eissn><abstract>Complex heterogeneous dynamic networks like knowledge graphs are powerful constructs that can be used in modeling data provenance from computer systems. From a security perspective, these attributed graphs enable causality analysis and tracing for analyzing a myriad of cyberattacks. However, there is a paucity in systematic development of pipelines that transform system executions and provenance into usable graph representations for machine learning tasks. This lack of instrumentation severely inhibits scientific advancement in provenance graph machine learning by hindering reproducibility and limiting the availability of data that are critical for techniques like graph neural networks. To fulfill this need, we present Flurry, an end-to-end data pipeline which simulates cyberattacks, captures provenance data from these attacks at multiple system and application layers, converts audit logs from these attacks into data provenance graphs, and incorporates this data with a framework for training deep neural models that supports preconfigured or custom-designed models for analysis in real-world resilient systems. We showcase this pipeline by processing data from multiple system attacks and performing anomaly detection via graph classification using current benchmark graph representational learning frameworks. Flurry provides a fast, customizable, extensible, and transparent solution for providing this much needed data to cybersecurity professionals.</abstract><cop>Ithaca</cop><pub>Cornell University Library, arXiv.org</pub><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext |
| identifier | EISSN: 2331-8422 |
| ispartof | arXiv.org, 2022-03 |
| issn | 2331-8422 |
| language | eng |
| recordid | cdi_proquest_journals_2637209008 |
| source | Free E- Journals |
| subjects | Anomalies Cognitive tasks Cybersecurity Data processing Graph neural networks Graph representations Graphical representations Graphs Knowledge representation Machine learning Multilayers Reproducibility |
| title | Flurry: a Fast Framework for Reproducible Multi-layered Provenance Graph Representation Learning |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-19T11%3A21%3A29IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=document&rft.atitle=Flurry:%20a%20Fast%20Framework%20for%20Reproducible%20Multi-layered%20Provenance%20Graph%20Representation%20Learning&rft.jtitle=arXiv.org&rft.au=Kapoor,%20Maya&rft.date=2022-03-05&rft.eissn=2331-8422&rft_id=info:doi/&rft_dat=%3Cproquest%3E2637209008%3C/proquest%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2637209008&rft_id=info:pmid/&rfr_iscdi=true |