Generative Deep Learning for Solutions to Data Deconflation Problems in Information and Operational Technology Networks

Roger Hallman; Roger Hallman; John Miguel; Arron Lu; Alejandro Monje; Mohammad R. Alam; George Cybenko

doi:10.5220/0011996700003482

Generative Deep Learning for Solutions to Data Deconflation Problems in Information and Operational Technology Networks

Roger Hallman, Roger Hallman, John Miguel, Arron Lu, Alejandro Monje, Mohammad R. Alam, George Cybenko

2023

Abstract

Source separation problems are a long-standing and well-studied challenge in signal processing and information sciences. The “Cocktail Party Phenomenon” and other classical source separation problems are vector representable and additive, and thus solvable by well-established linear algebra techniques. However, the proliferation and adoption of Internet-connected devices (e.g., IoT, distributed sensor networks, etc.) have led to a “Cambrian explosion” of data that is available for processing. Much of this data is not readily available for processing because it includes data objects that are categorical or non-additive superpositions (i.e., data not confined to signals). The Data Deconflation Problem refers to the challenge of identifying and separating the individual constituent elements of these complex data objects. Real-world data deconflation scenarios include pattern-of-life tracking (e.g., identifying recreational activities in conjunction with a business trip), multi-target tracking (e.g., occlusions and track assignment challenges), and network situational awareness (e.g., monitoring NATed network traffic, detecting and identifying shadow IT, network steganalysis). This paper details our approach, utilizing Generative Adversarial Networks (GANs) and attention-based Transformers, to solving the data deconflation problem, as well as our experimental application to network situational awareness tasks. We cover traditional source separation solutions and expound upon why these solutions are inadequate for network monitoring tasks. Background information on GANs and transformers is presented before a description of our architecture and initial experimentation which serves as a proof-of-concept. We then describe experimentation applying our methodology to network monitoring tasks, in particular separating activities and shadow IT devices within double-NATed network traffic. We discuss our results and our methodology’s applicability to other network monitoring tasks, such as network steganalysis and covert channel detection.

Download

Paper Citation

in Harvard Style

Hallman R., Miguel J., Lu A., Monje A., R. Alam M. and Cybenko G. (2023). Generative Deep Learning for Solutions to Data Deconflation Problems in Information and Operational Technology Networks. In Proceedings of the 8th International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS, ISBN 978-989-758-643-9, SciTePress, pages 231-235. DOI: 10.5220/0011996700003482

in Bibtex Style

@conference{iotbds23,
author={Roger Hallman and John Miguel and Arron Lu and Alejandro Monje and Mohammad R. Alam and George Cybenko},
title={Generative Deep Learning for Solutions to Data Deconflation Problems in Information and Operational Technology Networks},
booktitle={Proceedings of the 8th International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS,},
year={2023},
pages={231-235},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011996700003482},
isbn={978-989-758-643-9},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 8th International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS,
TI - Generative Deep Learning for Solutions to Data Deconflation Problems in Information and Operational Technology Networks
SN - 978-989-758-643-9
AU - Hallman R.
AU - Miguel J.
AU - Lu A.
AU - Monje A.
AU - R. Alam M.
AU - Cybenko G.
PY - 2023
SP - 231
EP - 235
DO - 10.5220/0011996700003482
PB - SciTePress