A review on graph-based approaches for network security
monitoring and botnet detection

J 2024

A review on graph-based approaches for network security monitoring and botnet detection

LAGRAA, Sofiane; Martin HUSÁK; Hamida SEBA; Satyanarayana VUPPALA; Radu STATE et. al.

Basic information

Original name

A review on graph-based approaches for network security monitoring and botnet detection

Authors

LAGRAA, Sofiane; Martin HUSÁK (203 Czech Republic, guarantor, belonging to the institution); Hamida SEBA; Satyanarayana VUPPALA; Radu STATE and Moussa OUEDRAOGO

Edition

International Journal of Information Security, Springer, 2024, 1615-5262

Other information

Language

English

Type of outcome

Article in a journal

Field of Study

10200 1.2 Computer and information sciences

Country of publisher

United States of America

Confidentiality degree

is not subject to a state or trade secret

References:

URL

Impact factor

Impact factor: 2.400 in 2023

RIV identification code

RIV/00216224:14610/24:00135191

Organization unit

Institute of Computer Science

DOI

http://dx.doi.org/10.1007/s10207-023-00742-7

UT WoS

001062032500001

EID Scopus

2-s2.0-85169463507

Keywords in English

Graph theory;Machine learning;Network security;Botnet detection;Monitoring;Cybersecurity

Abstract

V originále

This survey paper provides a comprehensive overview of recent research and development in network security that uses graphs and graph-based data representation and analytics. The paper focuses on the graph-based representation of network traffic records and the application of graph-based analytics in intrusion detection and botnet detection. The paper aims to answer several questions related to graph-based approaches in network security, including the types of graphs used to represent network security data, the approaches used to analyze such graphs, the metrics used for detection and monitoring, and the reproducibility of existing works. The paper presents a survey of graph models used to represent, store, and visualize network security data, a survey of the algorithms and approaches used to analyze such data, and an enumeration of the most important graph features used for network security analytics for monitoring and botnet detection. The paper also discusses the challenges and limitations of using graph-based approaches in network security and identifies potential future research directions. Overall, this survey paper provides a valuable resource for researchers and practitioners in the field of network security who are interested in using graph-based approaches for analyzing and detecting malicious activities in networks.

Links

EF16_019/0000822, research and development project

Name: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur

Cite

LAGRAA, Sofiane; Martin HUSÁK; Hamida SEBA; Satyanarayana VUPPALA; Radu STATE and Moussa OUEDRAOGO. A review on graph-based approaches for network security monitoring and botnet detection. International Journal of Information Security. Springer, 2024, vol. 23, No 1, p. 119-140. ISSN 1615-5262. Available from: https://dx.doi.org/10.1007/s10207-023-00742-7.

@article{2309857,
   author = {Lagraa, Sofiane and Husák, Martin and Seba, Hamida and Vuppala, Satyanarayana and State, Radu and Ouedraogo, Moussa},
   article_number = {1},
   doi = {http://dx.doi.org/10.1007/s10207-023-00742-7},
   keywords = {Graph theory;Machine learning;Network security;Botnet detection;Monitoring;Cybersecurity},
   language = {eng},
   issn = {1615-5262},
   journal = {International Journal of Information Security},
   title = {A review on graph-based approaches for network security monitoring and botnet detection},
   url = {https://link.springer.com/article/10.1007/s10207-023-00742-7},
   volume = {23},
   year = {2024}
}

TY  - JOUR
ID  - 2309857
AU  - Lagraa, Sofiane - Husák, Martin - Seba, Hamida - Vuppala, Satyanarayana - State, Radu - Ouedraogo, Moussa
PY  - 2024
TI  - A review on graph-based approaches for network security monitoring and botnet detection
JF  - International Journal of Information Security
VL  - 23
IS  - 1
SP  - 119-140
EP  - 119-140
PB  - Springer
SN  - 16155262
KW  - Graph theory;Machine learning;Network security;Botnet detection;Monitoring;Cybersecurity
UR  - https://link.springer.com/article/10.1007/s10207-023-00742-7
N2  - This survey paper provides a comprehensive overview of recent research and development in network security that uses graphs and graph-based data representation and analytics. The paper focuses on the graph-based representation of network traffic records and the application of graph-based analytics in intrusion detection and botnet detection. The paper aims to answer several questions related to graph-based approaches in network security, including the types of graphs used to represent network security data, the approaches used to analyze such graphs, the metrics used for detection and monitoring, and the reproducibility of existing works. The paper presents a survey of graph models used to represent, store, and visualize network security data, a survey of the algorithms and approaches used to analyze such data, and an enumeration of the most important graph features used for network security analytics for monitoring and botnet detection. The paper also discusses the challenges and limitations of using graph-based approaches in network security and identifies potential future research directions. Overall, this survey paper provides a valuable resource for researchers and practitioners in the field of network security who are interested in using graph-based approaches for analyzing and detecting malicious activities in networks.
ER  -

LAGRAA, Sofiane; Martin HUSÁK; Hamida SEBA; Satyanarayana VUPPALA; Radu STATE and Moussa OUEDRAOGO. A review on graph-based approaches for network security monitoring and botnet detection. \textit{International Journal of Information Security}. Springer, 2024, vol.~23, No~1, p.~119-140. ISSN~1615-5262. Available from: https://dx.doi.org/10.1007/s10207-023-00742-7.

Přehled o publikaci