Inferring Causal Direction From Multi-Dimensional Causal Networks for Assessing Harmful Factors in Security Analysis

In many scenarios of security analysis, Bayesian methods are often used for assessing harmful factors like attacks, as Bayesian causal model can estimate or predict the effect from the observed factors. To distinguish which ones are direct or significant causal (harmful) factors to the target system...

Full description

Saved in:
Bibliographic Details
Published in:IEEE access Vol. 5; pp. 20009 - 20019
Main Authors: Mai, Guizhen, Hong, Yinghan, Peng, Shiguo, Peng, Yuzhong
Format: Journal Article
Language:English
Published: Piscataway IEEE 01-01-2017
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects:
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In many scenarios of security analysis, Bayesian methods are often used for assessing harmful factors like attacks, as Bayesian causal model can estimate or predict the effect from the observed factors. To distinguish which ones are direct or significant causal (harmful) factors to the target systems, we often need to calculate a (local) causal network, but the existing methods usually return Markov equivalence classes instead of an actual causal structure. In this paper, a new approach for inferring causal direction from multidimensional causal networks for assessing harmful factors in security analysis is proposed based on a split-and-merge strategy. The method first decomposes an n-dimensional network into induced subnetworks, each of which corresponds to a node in the network. We show that each induced subnetwork can be subsumed into one of the three substructures: one-degree, non-triangle, and triangle-existence substructures. Three effective algorithms are developed to infer causalities from the three substructures. The whole causal structure of the multi-dimensional network is obtained by learning these induced subnetworks separately. Experimental results demonstrate that our method is more general and effective than the state-of-the-art methods.
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2017.2746539