Publikation
Simplicial complexes in network intrusion profiling: pattern construction through simplicial centralities
Mandala von Westenholz; Martin Atzmueller; Tim Römer
In: Applied Network Science, Vol. 10, No. 1, Pages 1-27, SpringerOpen, 2025.
Zusammenfassung
For studying intrusion detection data we consider data points referring to individual IP addresses and their connections. We build networks represented by graphs associated with those data points, such that vertices in a graph are constructed to denote the respective IP addresses, with the key property that attacked data points are part of the structure of the network. More precisely, this paper proposes a novel approach using simplicial complexes to model the desired network and the respective intrusions in terms of simplicial attributes, thus generalizing previous graph-based approaches. Applying adapted network centrality measures related to simplicial complexes yields patterns associated to vertices, which themselves contain a set of features. These are used to describe the attacked or the attacker vertices, respectively. Comparing this new strategy with classical concepts demonstrates the advantages of the presented approach using simplicial features for detecting and characterizing intrusions.