Dynamic Graph Analytics for Cybersecurity Breach Attribution in Cloud Environments
Keywords:
Dynamic Graph Analytics, Cybersecurity Breach Attribution, Cloud Environments
Abstract
We propose a novel framework that leverages dynamic graph analytics, enhanced by adaptive policy optimization, to attribute cybersecurity breaches in cloud environments. Our approach continuously constructs and refines a graph representation from heterogeneous security data—such as system logs, network flows, and vulnerability assessments—to uncover latent relationships among security events. By integrating a tailored reward mechanism inspired by reinforcement learning with a causal influence quantification based on inverse information entropy, our method pinpoints key risk drivers. Extensive experiments on a large-scale synthetic dataset demonstrate the superior performance of our framework in terms of accuracy, interpretability, and robustness compared to conventional models.