This paper describes a novel approach for predicting future links in cyber networks and applying the predictions to learn optimal microsegmentation policy rules. While link prediction has been applied for anomaly detection in computer networks, ours is the first application of link prediction for formulating network access policy. Link prediction adds an element of adaptivity for building baseline policy models, by predicting near-term requirements for network access. For predicting new links, those observed by at least one member of a node group are predicted to occur for all other members. This is a novel departure from the usual approach to link prediction, which is based on node affinity rather than shared dependencies. In our experiments with real enterprise network data, our approach significantly outperforms traditional link prediction, in which we apply established formulas for node similarity when comparing affinity-based versus dependency-based edge induction. For robustness to variation in future network behavior, we tune link prediction models by applying a low-pass signal filter to the prediction-quality curve and adaptively blend argmax and center of mass to optimize the prediction sensitivity parameter.
CITATION STYLE
Noel, S., & Swarup, V. (2022). Dependency-Based Link Prediction for Learning Microsegmentation Policy. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 13407 LNCS, pp. 569–588). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-031-15777-6_31
Mendeley helps you to discover research relevant for your work.