subgraph-matching

Subgraph matching for insider threat detection. Implementation of https://arxiv.org/pdf/1801.08098.pdf

requires numpy and pandas to run.

Exploring the data

cd data-exploration/

run the jupyter notebook

Testing the graph builder

Go in the graph subdirectory and run Python 3. This is an example code to run the data reading and the temporal matching of a small subgraph M.

import CERTGraph as cg

graph = cg.Graph()
graph.read_file('../data/cert_b_users/insiders/CDE1846-logs.csv') # loads the graph from file
print(graph)

# Motif :
edgelist = []
edgelist.append(cg.Edge(1, 1, 1, 2, None))
edgelist.append(cg.Edge(2, 2, 2, 4, None))
#edgelist.append(cg.Edge(3, 3, 4, 3, None))
edgelist.append(cg.Edge(4, 4, 2, 3, None))
edgelist.append(cg.Edge(5, 5, 1, 2, None))
M = cg.Graph(elist=edgelist)

d = 36000000
result = graph.temporal_match(M, d)

Name		Name	Last commit message	Last commit date
Latest commit History 21 Commits
data-exploration		data-exploration
data/cert_b_users/insiders		data/cert_b_users/insiders
graph		graph
.gitignore		.gitignore
README.md		README.md
num.png		num.png
runtime.png		runtime.png
t.png		t.png
time_G.png		time_G.png
time_M.png		time_M.png
times(1).png		times(1).png
times.png		times.png

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

data-exploration

data-exploration

data/cert_b_users/insiders

data/cert_b_users/insiders

graph

graph

.gitignore

.gitignore

README.md

README.md

num.png

num.png

runtime.png

runtime.png

t.png

t.png

time_G.png

time_G.png

time_M.png

time_M.png

times(1).png

times(1).png

times.png

times.png

Repository files navigation

subgraph-matching

Exploring the data

Testing the graph builder

About

Releases

Packages

Languages

laetitia-teo/subgraph-matching

Folders and files

Latest commit

History

Repository files navigation

subgraph-matching

Exploring the data

Testing the graph builder

About

Resources

Stars

Watchers

Forks

Languages