STEP: Spatial-Temporal Network Security Event Prediction
Network security events prediction helps network operators to take response strategies from a proactive perspective, and reduce the cost caused by network attacks, which is of great significance for maintaining the security of the entire network. Most of the existing event prediction methods rely on...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Journal Article |
| Language: | English |
| Published: |
31-05-2021
|
| Subjects: | |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Network security events prediction helps network operators to take response
strategies from a proactive perspective, and reduce the cost caused by network
attacks, which is of great significance for maintaining the security of the
entire network. Most of the existing event prediction methods rely on temporal
characteristics and are dedicated to exploring time series predictions, but
ignoring the spatial relationship between hosts. This paper combines the
temporal and spatial characteristics of security events and proposes a
spatial-temporal event prediction model, named STEP. In particular, STEP
formulates the security events prediction into a spatial-temporal sequence
prediction. STEP utilizes graph convolution operation to capture the spatial
characteristics of hosts in the network, and adopts the long short term memory
(LSTM) to capture the dynamic temporal dependency of events. This paper
verifies the proposed STEP scheme on two public data sets. The experimental
results show that the prediction accuracy of security events under STEP is
higher than that of benchmark models such as LSTM, ConvLSTM. Besides, STEP
achieves high prediction accuracy when we predict events from different lengths
of sequence. |
|---|---|
| DOI: | 10.48550/arxiv.2105.14932 |