Hypergraph Topological Features for Autoencoder-Based Intrusion Detection for Cybersecurity Data

In this position paper, we argue that when hypergraphs are used to capture multi-way local relations of data, their resulting topological features describe global behaviour. Consequently, these features capture complex correlations that can then serve as high fidelity inputs to autoencoder-driven an...

Full description

Saved in:
Bibliographic Details
Published inarXiv.org
Main Authors Kay, Bill, Aksoy, Sinan G, Baird, Molly, Best, Daniel M, Jenne, Helen, Joslyn, Cliff, Potvin, Christopher, Gregory Henselman-Petrusek, Seppala, Garret, Young, Stephen J, Purvine, Emilie
Format Paper
LanguageEnglish
Published Ithaca Cornell University Library, arXiv.org 09.11.2023
Subjects
Anomalies
Cybersecurity
Graph theory
Homology
Pipelines
Topology
Online AccessGet full text

Cover

More Information
Summary:In this position paper, we argue that when hypergraphs are used to capture multi-way local relations of data, their resulting topological features describe global behaviour. Consequently, these features capture complex correlations that can then serve as high fidelity inputs to autoencoder-driven anomaly detection pipelines. We propose two such potential pipelines for cybersecurity data, one that uses an autoencoder directly to determine network intrusions, and one that de-noises input data for a persistent homology system, PHANTOM. We provide heuristic justification for the use of the methods described therein for an intrusion detection pipeline for cyber data. We conclude by showing a small example over synthetic cyber attack data.
ISSN:2331-8422