SlideShare a Scribd company logo

Detecting Lateral Movement with a Compute-Intense Graph Kernel

Data Works MD
Data Works MD

Cybersecurity Analytics on a D-Wave Quantum Computer Effective cybersecurity analysis requires frequent exploration of graphs of many types and sizes, the computational cost of which can be overwhelming if not carefully chosen. After briefly introducing the D-Wave quantum computing system, we describe an analytic for finding “lateral movement” in an enterprise network, i.e., an intruder or insider threat hopping from system to system to gain access to more information. This analytic depends on maximum independent set, an NP-hard graph kernel whose computational cost grows exponentially with the size of the graph and so has not been widely used in cyber analysis. The growing strength of D-Wave’s quantum computers on such NP-hard problems will enable new analytics. We discuss practicalities of the current implementation and implications of this approach. Steve Reinhardt has built hardware/software systems that deliver new levels of performance usable via conceptually simple interfaces, including Cray Research’s T3E distributed-memory systems, ISC’s Star-P parallel-MATLAB software, and YarcData/Cray’s Urika graph-analytic systems. He now leads D-Wave’s efforts working with customers to map early applications to D-Wave systems.

1 of 32
Download to read offline
Detecting Lateral Movement with a Compute-Intense Graph Kernel <anonymous collaborator> <US government agency> Steve Reinhardt D-Wave Government spr@dwavesys.com
Copyright © D-Wave Systems Inc. 2 We implemented a compute-intensive graph kernel that finds lateral-movement-like behavior in netflow data and can execute quantumly in part. We sketch the remaining work to deliver quantum acceleration from graph kernels. We believe this enables a valuable new set of tools for cyber analysts.
Copyright © D-Wave Systems Inc. 3 Agenda • Detecting lateral movement via maximum independent set • Achieving high performance with graph kernels on a D-Wave system • Implications for cyber and other analyses
Copyright © D-Wave Systems Inc. 4 Motivation • Execution of some compute-intense graph kernels on D-Wave systems has yielded better answers than classical counterparts – Mniszewski et al., Quantum Annealing Approaches to Graph Partitioning on the D-Wave System, https://dwavefederal.com/app/uploads/2017/10/Qubits-Day-2-Morning-4_Susan_LANL.pdf • DWave_NetworkX includes a set of compute-intensive kernels – Minimum vertex cover, minimum vertex coloring, maximum cut, maximum independent set, maximal matching, signed social network – https://github.com/dwavesystems/dwave_networkx • Given exponential growth of computation with problem size, analysts have avoided these kernels, which are becoming tractable • For what cyber problems are those (or similar) kernels useful?
Copyright © D-Wave Systems Inc. 5 Detecting Lateral Movement • On graph of point-to-point logins (ssh, RDP), calculate maximum independent set (largest set of non-adjacent vertices) • As point-to-point logins explore more of the enterprise network, MIS shrinks • [WIP] Confirmed on traffic not known to contain lateral movement; working to confirm on traffic with lateral movement https://blog.rapid7.com/content/images/post-images/53326/the-attack-chain.png
Copyright © D-Wave Systems Inc. 6 Maximum Independent Set (MIS) • An independent set is a set of vertices in a graph, no two of which are adjacent. A maximum independent set is an independent set of largest possible size for a given graph G. • NP-hard problem • For exact solutions, a set is independent if and only if its complement is a vertex cover. Therefore, the sum of the size of the largest independent set α(G) and the size of a minimum vertex cover β(G) is equal to the number of vertices in the graph. The nine blue vertices form a maximum independent set for the Generalized Petersen graph GP(12,4) https://en.wikipedia.org/wiki/Independent_set_(graph_theory)#Finding_maximum_independent_sets
Copyright © D-Wave Systems Inc. 7 Experiment • LANL data, not known to contain lateral movement: https://csr.lanl.gov/data/2017.html • 88 days of data; focused on first 8 • Used 4-day sliding time window • Monitor shrinkage of max independent set as an indicator of lateral movement
Copyright © D-Wave Systems Inc. 8 Looking for a Good Graph Size Good == relevant to large enterprise networks and feasible #IP addresses full (|V|) #IP addresses reduced #point-to-point pairs (|E|) MIS size time (s) 75571 1682 1474 1353 5.2 75571 3388 1474 3253 22.0 75571 21388 1474 21253 908.9 84718 84718 1239 ? > 18 hours 130176 8429 11782 7964 121.8 159931 11757 19943 11152 248.5 75571 3388 1474 (using QPU) yyy Averages of 5 timesteps except time-limit-exceeded Running classically
Copyright © D-Wave Systems Inc. 9 Analytic Finds Smaller MIS Size spr_mbp:10M $ /Users/sreinhardt/technical/app_code/cyberGraph/process3.py netflow netflow --nTimesteps 8 --nTimestepsPerDay 4 - -inputFormat LANL --inputDigested --verbose --reduceGraph Namespace(allInput='netflow', inputDigested=True, inputFormat='LANL', nRecordsPerTimeperiod=None, nTimesteps=8, nTimestepsPerDay=4, nTimestepsPerWindow=None, pt2ptInput='netflow', reduceGraph=True, verbose=1) Reducing graph? True for timestep 3, the number of IP addresses in the full graph is 84718 and the number of IP-address-pairs that had point-to-point logins is 1239; the number of IP addresses in the reduced graph is 21178 and IP-address-pairs pt2tp is 1239 first MIS took 0:11:25.255169, second MIS took 0:17:05.962103 MIS size decreased from 21178 to 21059 (119) when ssh/telnet/RDP log-ins considered IP addresses that are no longer part of the maximum independent set are ['ActiveDirectory', 'Comp005825’, […] for timestep 4, the number of IP addresses in the full graph is 82543 and the number of IP-address-pairs that had point-to-point logins is 1472; the number of IP addresses in the reduced graph is 21380 and IP-address-pairs pt2tp is 1472 first MIS took 0:13:12.690244, second MIS took 0:14:24.761931 MIS size decreased from 21380 to 21245 (135) when ssh/telnet/RDP log-ins considered IP addresses that are no longer part of the maximum independent set are ['ActiveDirectory', 'Comp005825’, […] for timestep 5, the number of IP addresses in the full graph is 82266 and the number of IP-address-pairs that had point-to-point logins is 1525; the number of IP addresses in the reduced graph is 21427 and IP-address-pairs pt2tp is 1525 first MIS took 0:11:10.267566, second MIS took 0:11:31.594414 MIS size decreased from 21427 to 21294 (133) when ssh/telnet/RDP log-ins considered IP addresses that are no longer part of the maximum independent set are ['ActiveDirectory', 'Comp005295’, […] for timestep 6, the number of IP addresses in the full graph is 66069 and the number of IP-address-pairs that had point-to-point logins is 1551; the number of IP addresses in the reduced graph is 21459 and IP-address-pairs pt2tp is 1551 first MIS took 0:11:06.538207, second MIS took 0:17:56.528730 MIS size decreased from 21459 to 21317 (142) when ssh/telnet/RDP log-ins considered IP addresses that are no longer part of the maximum independent set are ['ActiveDirectory', 'Comp005295’, […]
Copyright © D-Wave Systems Inc. 10 Preliminary Visualization
Copyright © D-Wave Systems Inc. 11 Discussion • Why not use connected components (much faster)? – Could, but doesn’t give intuition about “how close to connected” • Need to find Goldilocks-size graphs – If too small, runs fast enough classically – If too big, even with medium-scale quantum acceleration, exponential algorithm still infeasible • If QPU solves 10% of problem, 210 combinations of those may be feasible • If QPU solves 1% of problem, 2100 combinations is not feasible
Copyright © D-Wave Systems Inc. 12 Next Steps • Need to verify on data known to have lateral movement • Need to find scale-appropriate viz that illustrates growth of connectedness (== shrinkage of MIS) for cyber analyst • Code available via private Github repository • Looking for collaborators, esp. with data
Copyright © D-Wave Systems Inc. 13 Agenda • Detecting lateral movement via maximum independent set • Achieving high performance with graph kernels on a D-Wave system • Implications for cyber and other analyses
Copyright © D-Wave Systems Inc. 14 Two Main Paths to Quantum Computing Gate-model architecture • Significant theoretical work since 1985, key algs defined in 1990s • Major issue of error correction identified by Preskill in 1998 – Believed to require 100-1000 physical qubits for every logical qubit • Google recently announced system with 72 physical qubits, results TBD • Digital nature in question – Preskill: “noisy intermediate-scale quantum” (NISQ) computers • Current focus on approximate optimization algs (e.g., QAOA) Quantum-annealing architecture • Nishimori (1998) and Farhi (1999) described theory to find low energy states; Rose (2004) identified path to build such systems • D-Wave (2010+) has delivered 4 generations of systems, the latest with 2000 qubits • Academic knowledge is mostly empirical • Problems friendly to D-Wave topology show ~1000X advantage; real-world problems ~parity • New system generations every ~2yr
Copyright © D-Wave Systems Inc. 15
Copyright © D-Wave Systems Inc. 16 Quantum Annealing: How a D-Wave system works
Copyright © D-Wave Systems Inc. 17 Programming Model / Quantum Machine Instruction QUBIT !" Quantum bit which participates in annealing cycle and settles into one of two possible final states: 0,1 COUPLER !"!& Physical device that allows one qubit to influence another qubit WEIGHT '"" Real-valued constant associated with each qubit, which influences the qubit’s tendency to collapse into each of its two possible final states; controlled by the programmer STRENGTH '"( Real-valued constant associated with each coupler, which controls the influence exerted by one qubit on another; controlled by the programmer OBJECTIVE )*+ Real-valued function that is minimized during the annealing cycle ,'(('"(; !") = 1 "( '"(!" !( The system samples from the 23 that minimize the objective Known as - Quadratic unconstrained binary optimization (QUBO) problem - Ising model - Unconstrained binary quadratic problem (UBQP) - Probabilistic graphical model (PGM) Note: The D-Wave 2000Q™ system added reverse annealing, which is a variant of this.
Copyright © D-Wave Systems Inc. 18 Mapping a Problem to D-WaveOriginal form (e.g., constraints, graph (DNX)) QUBO HW-compliant QUBO QPUs Steps Best known methods • Reduce problem size Avoid O(N2) #var growth Find frozen variables • Decompose QUBO • Map to QUBO form • Reduce QUBO Various: energy impact, recomb elite • Adjust chain strength Start with algebraic setting • Post-process • Reverse spins • Change anneal offsets • Use reverse annealing Use dozen(s) Delay chains as f(length) 103 104 105 106 107 108 Cumulative annealing time (µs) 0.0 0.2 0.4 0.6 0.8 1.0 Fractionofvalleysseen DW SA QMC HFS • Embed into HW graph Avoid long chains, extend pre-embed • Tolerate low precision Bin values into discrete ranges
Copyright © D-Wave Systems Inc. 19 Mapping MIS to QUBO Form > !"#("%#; '%) = * %# "%#'% '# Choose '% that minimize bi,j -1, if i = j 3, if i < j and ij E ⍦ 0, otherwise 0 1 2 3 4 5 6 7 8 9 10 11 0 1 2 3 4 5 6 7 8 9 10 11 -1 3 3 3 -1 3 3 3 -1 3 -1 3 3 -1 -1 3 3 -1 3 3 -1 -1 -1 3 -1 -1 0 1 2 3 4 5 6 7 8 9 10 11 https://canvas.auckland.ac.nz/courses/14782/files/563551/download?verifier=mGDAXoF3TDAKoZfnjmQ1WBRfjlB0LkTc62wAdyGO&wrap=1
Copyright © D-Wave Systems Inc. 20 Mapping Traveling Salesperson to QUBO Form > !"#("%#; '%) = * %# "%#'% '# Choose '% that minimize 0 1 2 3 4 5 6 7 8 9 10 11 • Many formulations use “for vertex i at step k” approach, which is O(N2)
Copyright © D-Wave Systems Inc. 21 Explicitly Hybrid Quantum/Classical Algorithms • Due to Chapuis et al. • CPU/GPUs and QPUs have drastically different natures; use each for its strengths • Use classical techniques (k-core graph and core/halo partitioning) to partition graph into subgraphs that will fit in QPU, find max clique of each – Limited to finding cliques embeddable in the QPU Chapuis, Djidjev, Hahn, and Rizk, “Finding Maximum Cliques on the D-Wave Quantum Annealer”
Copyright © D-Wave Systems Inc. 22 Cause for Optimism • Graph coloring • Set-weighted covering • Topological sort • Graph coloring • Minimal vertex covering • Maximum weighted path cover • Multiple graph partitioning Code generation Register sufficiency Instruction scheduling Register allocation, coalescing, minimizing spill, and reuse Global reference allocation Array unification Distributed memory layout NP-hard Problems Solved in Modern Compilers
Copyright © D-Wave Systems Inc. 23 Delivering Differentiated Performance • Today (D-Wave 2000Q™): In practice, problems of ~64 variables fit on the QPU • Next-gen D-Wave system targeted at 4-5K qubits with denser topology • Some problems shift from classically tractable to intractable between 64 and 326 variables: e.g., Markov networks (~50 today; 100s intractable) Aspect Change Effect on #variables in QMI Notes More qubits 2-2.5X more * 1.4-1.6 Denser topology 2.5X more * 2.8 Higher perf due to shorter chains QA changes TBD Lower noise, ♢ Better algs/tools * 1.3 (e.g.) RBC embedding Aggregate change * 5.46 == 326 vars ♢ Roy et al.’s “Boosting integer factoring …” showed that per-qubit advance/delay of annealing in some cases led to a 1000X performance increase (i.e., fraction of valid results) George
Copyright © D-Wave Systems Inc. 24 Agenda • Detecting lateral movement via maximum independent set • Achieving high performance with graph kernels on a D-Wave system • Implications for cyber and other analyses
Copyright © D-Wave Systems Inc. 25 Detecting LM via MIS is Only One Use Case • Current DWave_NetworkX kernels – Minimum vertex cover – Minimum vertex coloring – Maximum independent set – Maximum cut – Structural imbalance – Maximal matching • N.B.: graph partitioning, community detection, and maximum clique implemented by LANL https://arxiv.org/pdf/1705.03082.pdf https://arxiv.org/pdf/1801.08649.pdf
Copyright © D-Wave Systems Inc. 26 Min Vertex Cover (MVCov) • A vertex cover V’ of an undirected graph G = (V,E) is a) a set of vertices where every edge has at least one endpoint in the vertex cover V’, b) a subset of V such that uv ∈ E ⟹ u ∈ V’ ∨ v ∈ V’ • A minimum vertex cover is a vertex cover of smallest possible size (# vertices) https://en.wikipedia.org/wiki/Vertex_cover
Copyright © D-Wave Systems Inc. 27 Cyber Use Cases • In wireless sensor network, MVCov+ equates to a plan for installing a patch that minimizes the #rounds while preserving full observability throughout https://infoscience.epfl.ch/record/225623/files/EPFL_TH7484.pdf • MVCov is the optimal solution for worm propagation and hence for network defense Dharwadker and Pirzada, Applications of Graph Theory, ISBN 1466397098 • MVCov+ finds minimal set of strings that occur in viruses but not in normal code https://math.mit.edu/~goemans/18434S06/setcover-tamara.pdf • To make the internet more robust, want better understanding of AS-level topology, but currently BGP data is being gathered from an incomplete and biased subset of ASes. MVCov+ calculates the minimum set of watching ASes that can supply data for a comprehensive view of the internet. https://isolario.it/extra/publications/papers/BGPIncompleteness.pdf https://www.flaticon.com/free-icon/thumb-up_13979#term=thumbs up&page=1&position=86
Copyright © D-Wave Systems Inc. 28 Related Use Case: Topological Data Analysis (TDA) • E. Munch: “Find and quantify structure in noisy, complex data.” • TDA’s Mapper capability commercialized by Ayasdi • Persistent homology capability highlights the "relative prominence of homological features in the data set”
Copyright © D-Wave Systems Inc. 29 TDA / Persistent Homology (cont.) • Believed to have high analytic value – Can serve to identify features on which machine learning learns • Core kernels include: – Wasserstein (earthmover) distance between two distributions – minimum clique cover • To date, min clique cover has been so expensive to compute that #dimensions analyzed is sharply limited, reducing analytic value • D-Wave implementation of Wasserstein distance by Berwald et al. • Exploring open-source release J. Berwald, J. Gottlieb, E. Munch. Quantum Computation in a Topological Data Analysis Pipeline, https://www.dwavesys.com/sites/default/files/10_Tues_PM_TopPipe.pdf
Copyright © D-Wave Systems Inc. 30 We implemented a compute-intensive graph kernel that finds lateral-movement-like behavior in netflow data and can execute quantumly in part. We sketch the remaining work to deliver quantum acceleration from graph kernels. We believe this enables a valuable new set of tools for cyber analysts.
Copyright © D-Wave Systems Inc. 31
Copyright © D-Wave Systems Inc. 32 For More Information, See D-Wave Users Group Presentations: • 2018 (N.America): https://www.dwavesys.com/qubits-north-america-2018 • 2018 (European): https://www.dwavesys.com/qubits-europe-2018 • 2017: http://dwavefederal.com/qubits-2017/ • 2016: https://dl.dropboxusercontent.com/u/127187/User%20Group%20Presentatio ns-selected/Qubits_User_Group_Presentations_Index.html LANL Rapid Response Projects: • http://www.lanl.gov/projects//national-security-education- center/information-science-technology/dwave/index.php
Ad

Recommended

Deep Reinforcement Learning: Q-Learning
Deep Reinforcement Learning: Q-LearningDeep Reinforcement Learning: Q-Learning
Deep Reinforcement Learning: Q-Learning
Kai-Wen Zhao
 
deep reinforcement learning with double q learning
deep reinforcement learning with double q learningdeep reinforcement learning with double q learning
deep reinforcement learning with double q learning
SeungHyeok Baek
 
Optimization of Continuous Queries in Federated Database and Stream Processin...
Optimization of Continuous Queries in Federated Database and Stream Processin...Optimization of Continuous Queries in Federated Database and Stream Processin...
Optimization of Continuous Queries in Federated Database and Stream Processin...
Zbigniew Jerzak
 
HYPPO - NECSTTechTalk 23/04/2020
HYPPO - NECSTTechTalk 23/04/2020HYPPO - NECSTTechTalk 23/04/2020
HYPPO - NECSTTechTalk 23/04/2020
NECST Lab @ Politecnico di Milano
 
Adaptive Replication for Elastic Data Stream Processing
Adaptive Replication for Elastic Data Stream ProcessingAdaptive Replication for Elastic Data Stream Processing
Adaptive Replication for Elastic Data Stream Processing
Zbigniew Jerzak
 
Auto-scaling Techniques for Elastic Data Stream Processing
Auto-scaling Techniques for Elastic Data Stream ProcessingAuto-scaling Techniques for Elastic Data Stream Processing
Auto-scaling Techniques for Elastic Data Stream Processing
Zbigniew Jerzak
 
(Slides) Task scheduling algorithm for multicore processor system for minimiz...
(Slides) Task scheduling algorithm for multicore processor system for minimiz...(Slides) Task scheduling algorithm for multicore processor system for minimiz...
(Slides) Task scheduling algorithm for multicore processor system for minimiz...
Naoki Shibata
 
A Novel Approach in Scheduling Of the Real- Time Tasks In Heterogeneous Multi...
A Novel Approach in Scheduling Of the Real- Time Tasks In Heterogeneous Multi...A Novel Approach in Scheduling Of the Real- Time Tasks In Heterogeneous Multi...
A Novel Approach in Scheduling Of the Real- Time Tasks In Heterogeneous Multi...
International Journal of Power Electronics and Drive Systems
 
Distributed Near Real-Time Processing of Sensor Network Data Flows for Smart ...
Distributed Near Real-Time Processing of Sensor Network Data Flows for Smart ...Distributed Near Real-Time Processing of Sensor Network Data Flows for Smart ...
Distributed Near Real-Time Processing of Sensor Network Data Flows for Smart ...
Otávio Carvalho
 
Fault tolerant mechanisms in Big Data
Fault tolerant mechanisms in Big DataFault tolerant mechanisms in Big Data
Fault tolerant mechanisms in Big Data
Karan Pardeshi
 
4838281 operating-system-scheduling-on-multicore-architectures
4838281 operating-system-scheduling-on-multicore-architectures4838281 operating-system-scheduling-on-multicore-architectures
4838281 operating-system-scheduling-on-multicore-architectures
Islam Samir
 
Intelligent Placement of Datacenter for Internet Services
Intelligent Placement of Datacenter for Internet Services Intelligent Placement of Datacenter for Internet Services
Intelligent Placement of Datacenter for Internet Services
Arinto Murdopo
 
Thesis
ThesisThesis
Thesis
Shravan Tamaskar
 
Cloud Partitioning of Load Balancing Using Round Robin Model
Cloud Partitioning of Load Balancing Using Round Robin ModelCloud Partitioning of Load Balancing Using Round Robin Model
Cloud Partitioning of Load Balancing Using Round Robin Model
IJCERT
 
Clocks
ClocksClocks
Clocks
guesta013ed8
 
Ijariie1161
Ijariie1161Ijariie1161
Ijariie1161
IJARIIE JOURNAL
 
From data centers to fog computing: the evaporating cloud
From data centers to fog computing: the evaporating cloudFrom data centers to fog computing: the evaporating cloud
From data centers to fog computing: the evaporating cloud
FogGuru MSCA Project
 
Refining the Estimation of the Available Bandwidth in Inter-Cloud Links for T...
Refining the Estimation of the Available Bandwidth in Inter-Cloud Links for T...Refining the Estimation of the Available Bandwidth in Inter-Cloud Links for T...
Refining the Estimation of the Available Bandwidth in Inter-Cloud Links for T...
Thiago Genez
 
Configuration Optimization for Big Data Software
Configuration Optimization for Big Data SoftwareConfiguration Optimization for Big Data Software
Configuration Optimization for Big Data Software
Pooyan Jamshidi
 
RTS
RTSRTS
RTS
Anuvrat Singh
 
Exascale Computing for Autonomous Driving
Exascale Computing for Autonomous DrivingExascale Computing for Autonomous Driving
Exascale Computing for Autonomous Driving
Levent Gürel
 
Paper sharing_resource optimization scheduling and allocation for hierarchica...
Paper sharing_resource optimization scheduling and allocation for hierarchica...Paper sharing_resource optimization scheduling and allocation for hierarchica...
Paper sharing_resource optimization scheduling and allocation for hierarchica...
YOU SHENG CHEN
 
Logical Clocks (Distributed computing)
Logical Clocks (Distributed computing)Logical Clocks (Distributed computing)
Logical Clocks (Distributed computing)
Sri Prasanna
 
Goto amsterdam-2013-skinned
Goto amsterdam-2013-skinnedGoto amsterdam-2013-skinned
Goto amsterdam-2013-skinned
Ted Dunning
 
Learning Software Performance Models for Dynamic and Uncertain Environments
Learning Software Performance Models for Dynamic and Uncertain EnvironmentsLearning Software Performance Models for Dynamic and Uncertain Environments
Learning Software Performance Models for Dynamic and Uncertain Environments
Pooyan Jamshidi
 
Optimal load balancing in cloud computing
Optimal load balancing in cloud computingOptimal load balancing in cloud computing
Optimal load balancing in cloud computing
Priyanka Bhowmick
 
Performance Comparision of Dynamic Load Balancing Algorithm in Cloud Computing
Performance Comparision of Dynamic Load Balancing Algorithm in Cloud ComputingPerformance Comparision of Dynamic Load Balancing Algorithm in Cloud Computing
Performance Comparision of Dynamic Load Balancing Algorithm in Cloud Computing
Eswar Publications
 
Fault Tolerance in Big Data Processing Using Heartbeat Messages and Data Repl...
Fault Tolerance in Big Data Processing Using Heartbeat Messages and Data Repl...Fault Tolerance in Big Data Processing Using Heartbeat Messages and Data Repl...
Fault Tolerance in Big Data Processing Using Heartbeat Messages and Data Repl...
IJSRD
 
Quantum Computing: Timing is Everything
Quantum Computing: Timing is EverythingQuantum Computing: Timing is Everything
Quantum Computing: Timing is Everything
inside-BigData.com
 
D-WaveQuantum ComputingAccess & applications via cloud deployment
D-WaveQuantum ComputingAccess & applications via cloud deploymentD-WaveQuantum ComputingAccess & applications via cloud deployment
D-WaveQuantum ComputingAccess & applications via cloud deployment
Rakuten Group, Inc.
 
Ad

More Related Content

What's hot (20)

Distributed Near Real-Time Processing of Sensor Network Data Flows for Smart ...
Distributed Near Real-Time Processing of Sensor Network Data Flows for Smart ...Distributed Near Real-Time Processing of Sensor Network Data Flows for Smart ...
Distributed Near Real-Time Processing of Sensor Network Data Flows for Smart ...
Otávio Carvalho
 
Fault tolerant mechanisms in Big Data
Fault tolerant mechanisms in Big DataFault tolerant mechanisms in Big Data
Fault tolerant mechanisms in Big Data
Karan Pardeshi
 
4838281 operating-system-scheduling-on-multicore-architectures
4838281 operating-system-scheduling-on-multicore-architectures4838281 operating-system-scheduling-on-multicore-architectures
4838281 operating-system-scheduling-on-multicore-architectures
Islam Samir
 
Intelligent Placement of Datacenter for Internet Services
Intelligent Placement of Datacenter for Internet Services Intelligent Placement of Datacenter for Internet Services
Intelligent Placement of Datacenter for Internet Services
Arinto Murdopo
 
Thesis
ThesisThesis
Thesis
Shravan Tamaskar
 
Cloud Partitioning of Load Balancing Using Round Robin Model
Cloud Partitioning of Load Balancing Using Round Robin ModelCloud Partitioning of Load Balancing Using Round Robin Model
Cloud Partitioning of Load Balancing Using Round Robin Model
IJCERT
 
Clocks
ClocksClocks
Clocks
guesta013ed8
 
Ijariie1161
Ijariie1161Ijariie1161
Ijariie1161
IJARIIE JOURNAL
 
From data centers to fog computing: the evaporating cloud
From data centers to fog computing: the evaporating cloudFrom data centers to fog computing: the evaporating cloud
From data centers to fog computing: the evaporating cloud
FogGuru MSCA Project
 
Refining the Estimation of the Available Bandwidth in Inter-Cloud Links for T...
Refining the Estimation of the Available Bandwidth in Inter-Cloud Links for T...Refining the Estimation of the Available Bandwidth in Inter-Cloud Links for T...
Refining the Estimation of the Available Bandwidth in Inter-Cloud Links for T...
Thiago Genez
 
Configuration Optimization for Big Data Software
Configuration Optimization for Big Data SoftwareConfiguration Optimization for Big Data Software
Configuration Optimization for Big Data Software
Pooyan Jamshidi
 
RTS
RTSRTS
RTS
Anuvrat Singh
 
Exascale Computing for Autonomous Driving
Exascale Computing for Autonomous DrivingExascale Computing for Autonomous Driving
Exascale Computing for Autonomous Driving
Levent Gürel
 
Paper sharing_resource optimization scheduling and allocation for hierarchica...
Paper sharing_resource optimization scheduling and allocation for hierarchica...Paper sharing_resource optimization scheduling and allocation for hierarchica...
Paper sharing_resource optimization scheduling and allocation for hierarchica...
YOU SHENG CHEN
 
Logical Clocks (Distributed computing)
Logical Clocks (Distributed computing)Logical Clocks (Distributed computing)
Logical Clocks (Distributed computing)
Sri Prasanna
 
Goto amsterdam-2013-skinned
Goto amsterdam-2013-skinnedGoto amsterdam-2013-skinned
Goto amsterdam-2013-skinned
Ted Dunning
 
Learning Software Performance Models for Dynamic and Uncertain Environments
Learning Software Performance Models for Dynamic and Uncertain EnvironmentsLearning Software Performance Models for Dynamic and Uncertain Environments
Learning Software Performance Models for Dynamic and Uncertain Environments
Pooyan Jamshidi
 
Optimal load balancing in cloud computing
Optimal load balancing in cloud computingOptimal load balancing in cloud computing
Optimal load balancing in cloud computing
Priyanka Bhowmick
 
Performance Comparision of Dynamic Load Balancing Algorithm in Cloud Computing
Performance Comparision of Dynamic Load Balancing Algorithm in Cloud ComputingPerformance Comparision of Dynamic Load Balancing Algorithm in Cloud Computing
Performance Comparision of Dynamic Load Balancing Algorithm in Cloud Computing
Eswar Publications
 
Fault Tolerance in Big Data Processing Using Heartbeat Messages and Data Repl...
Fault Tolerance in Big Data Processing Using Heartbeat Messages and Data Repl...Fault Tolerance in Big Data Processing Using Heartbeat Messages and Data Repl...
Fault Tolerance in Big Data Processing Using Heartbeat Messages and Data Repl...
IJSRD
 
Distributed Near Real-Time Processing of Sensor Network Data Flows for Smart ...
Distributed Near Real-Time Processing of Sensor Network Data Flows for Smart ...Distributed Near Real-Time Processing of Sensor Network Data Flows for Smart ...
Distributed Near Real-Time Processing of Sensor Network Data Flows for Smart ...
Otávio Carvalho
 
Fault tolerant mechanisms in Big Data
Fault tolerant mechanisms in Big DataFault tolerant mechanisms in Big Data
Fault tolerant mechanisms in Big Data
Karan Pardeshi
 
4838281 operating-system-scheduling-on-multicore-architectures
4838281 operating-system-scheduling-on-multicore-architectures4838281 operating-system-scheduling-on-multicore-architectures
4838281 operating-system-scheduling-on-multicore-architectures
Islam Samir
 
Intelligent Placement of Datacenter for Internet Services
Intelligent Placement of Datacenter for Internet Services Intelligent Placement of Datacenter for Internet Services
Intelligent Placement of Datacenter for Internet Services
Arinto Murdopo
 
Thesis
ThesisThesis
Thesis
Shravan Tamaskar
 
Cloud Partitioning of Load Balancing Using Round Robin Model
Cloud Partitioning of Load Balancing Using Round Robin ModelCloud Partitioning of Load Balancing Using Round Robin Model
Cloud Partitioning of Load Balancing Using Round Robin Model
IJCERT
 
Clocks
ClocksClocks
Clocks
guesta013ed8
 
Ijariie1161
Ijariie1161Ijariie1161
Ijariie1161
IJARIIE JOURNAL
 
From data centers to fog computing: the evaporating cloud
From data centers to fog computing: the evaporating cloudFrom data centers to fog computing: the evaporating cloud
From data centers to fog computing: the evaporating cloud
FogGuru MSCA Project
 
Refining the Estimation of the Available Bandwidth in Inter-Cloud Links for T...
Refining the Estimation of the Available Bandwidth in Inter-Cloud Links for T...Refining the Estimation of the Available Bandwidth in Inter-Cloud Links for T...
Refining the Estimation of the Available Bandwidth in Inter-Cloud Links for T...
Thiago Genez
 
Configuration Optimization for Big Data Software
Configuration Optimization for Big Data SoftwareConfiguration Optimization for Big Data Software
Configuration Optimization for Big Data Software
Pooyan Jamshidi
 
RTS
RTSRTS
RTS
Anuvrat Singh
 
Exascale Computing for Autonomous Driving
Exascale Computing for Autonomous DrivingExascale Computing for Autonomous Driving
Exascale Computing for Autonomous Driving
Levent Gürel
 
Paper sharing_resource optimization scheduling and allocation for hierarchica...
Paper sharing_resource optimization scheduling and allocation for hierarchica...Paper sharing_resource optimization scheduling and allocation for hierarchica...
Paper sharing_resource optimization scheduling and allocation for hierarchica...
YOU SHENG CHEN
 
Logical Clocks (Distributed computing)
Logical Clocks (Distributed computing)Logical Clocks (Distributed computing)
Logical Clocks (Distributed computing)
Sri Prasanna
 
Goto amsterdam-2013-skinned
Goto amsterdam-2013-skinnedGoto amsterdam-2013-skinned
Goto amsterdam-2013-skinned
Ted Dunning
 
Learning Software Performance Models for Dynamic and Uncertain Environments
Learning Software Performance Models for Dynamic and Uncertain EnvironmentsLearning Software Performance Models for Dynamic and Uncertain Environments
Learning Software Performance Models for Dynamic and Uncertain Environments
Pooyan Jamshidi
 
Optimal load balancing in cloud computing
Optimal load balancing in cloud computingOptimal load balancing in cloud computing
Optimal load balancing in cloud computing
Priyanka Bhowmick
 
Performance Comparision of Dynamic Load Balancing Algorithm in Cloud Computing
Performance Comparision of Dynamic Load Balancing Algorithm in Cloud ComputingPerformance Comparision of Dynamic Load Balancing Algorithm in Cloud Computing
Performance Comparision of Dynamic Load Balancing Algorithm in Cloud Computing
Eswar Publications
 
Fault Tolerance in Big Data Processing Using Heartbeat Messages and Data Repl...
Fault Tolerance in Big Data Processing Using Heartbeat Messages and Data Repl...Fault Tolerance in Big Data Processing Using Heartbeat Messages and Data Repl...
Fault Tolerance in Big Data Processing Using Heartbeat Messages and Data Repl...
IJSRD
 

Similar to Detecting Lateral Movement with a Compute-Intense Graph Kernel (20)

Quantum Computing: Timing is Everything
Quantum Computing: Timing is EverythingQuantum Computing: Timing is Everything
Quantum Computing: Timing is Everything
inside-BigData.com
 
D-WaveQuantum ComputingAccess & applications via cloud deployment
D-WaveQuantum ComputingAccess & applications via cloud deploymentD-WaveQuantum ComputingAccess & applications via cloud deployment
D-WaveQuantum ComputingAccess & applications via cloud deployment
Rakuten Group, Inc.
 
Narayanan Sundaram, Research Scientist, Intel Labs at MLconf SF - 11/13/15
Narayanan Sundaram, Research Scientist, Intel Labs at MLconf SF - 11/13/15Narayanan Sundaram, Research Scientist, Intel Labs at MLconf SF - 11/13/15
Narayanan Sundaram, Research Scientist, Intel Labs at MLconf SF - 11/13/15
MLconf
 
Bob Garrett: Network of Networks Analysis
Bob Garrett: Network of Networks AnalysisBob Garrett: Network of Networks Analysis
Bob Garrett: Network of Networks Analysis
EnergyTech2015
 
Paper id 25201467
Paper id 25201467Paper id 25201467
Paper id 25201467
IJRAT
 
A Highly Parallel Semi-Dataflow FPGA Architecture for Large-Scale N-Body Simu...
A Highly Parallel Semi-Dataflow FPGA Architecture for Large-Scale N-Body Simu...A Highly Parallel Semi-Dataflow FPGA Architecture for Large-Scale N-Body Simu...
A Highly Parallel Semi-Dataflow FPGA Architecture for Large-Scale N-Body Simu...
NECST Lab @ Politecnico di Milano
 
Design and testing of systolic array multiplier using fault injecting schemes
Design and testing of systolic array multiplier using fault injecting schemesDesign and testing of systolic array multiplier using fault injecting schemes
Design and testing of systolic array multiplier using fault injecting schemes
CSITiaesprime
 
GRID COMPUTING
GRID COMPUTINGGRID COMPUTING
GRID COMPUTING
Abhiram Kanigolla
 
The Principle Of Ultrasound Imaging System
The Principle Of Ultrasound Imaging SystemThe Principle Of Ultrasound Imaging System
The Principle Of Ultrasound Imaging System
Melissa Luster
 
Content
ContentContent
Content
Santosh Male
 
"Trade-offs in Implementing Deep Neural Networks on FPGAs," a Presentation fr...
"Trade-offs in Implementing Deep Neural Networks on FPGAs," a Presentation fr..."Trade-offs in Implementing Deep Neural Networks on FPGAs," a Presentation fr...
"Trade-offs in Implementing Deep Neural Networks on FPGAs," a Presentation fr...
Edge AI and Vision Alliance
 
Short.course.introduction.to.vhdl for beginners
Short.course.introduction.to.vhdl for beginners Short.course.introduction.to.vhdl for beginners
Short.course.introduction.to.vhdl for beginners
Ravi Sony
 
The Sierra Supercomputer: Science and Technology on a Mission
The Sierra Supercomputer: Science and Technology on a MissionThe Sierra Supercomputer: Science and Technology on a Mission
The Sierra Supercomputer: Science and Technology on a Mission
inside-BigData.com
 
Time-Evolving Graph Processing On Commodity Clusters
Time-Evolving Graph Processing On Commodity ClustersTime-Evolving Graph Processing On Commodity Clusters
Time-Evolving Graph Processing On Commodity Clusters
Jen Aman
 
Iwsm2014 performance measurement for cloud computing applications using iso...
Iwsm2014 performance measurement for cloud computing applications using iso...Iwsm2014 performance measurement for cloud computing applications using iso...
Iwsm2014 performance measurement for cloud computing applications using iso...
Nesma
 
Lesson - 02 Network Design and Management
Lesson - 02 Network Design and ManagementLesson - 02 Network Design and Management
Lesson - 02 Network Design and Management
Angel G Diaz
 
Buzz words-dunning-real-time-learning
Buzz words-dunning-real-time-learningBuzz words-dunning-real-time-learning
Buzz words-dunning-real-time-learning
Ted Dunning
 
Larson2024_Ch06_PowerPoint_Accessible.pptx
Larson2024_Ch06_PowerPoint_Accessible.pptxLarson2024_Ch06_PowerPoint_Accessible.pptx
Larson2024_Ch06_PowerPoint_Accessible.pptx
imjustabu
 
FAST ALGORITHMS FOR UNSUPERVISED LEARNING IN LARGE DATA SETS
FAST ALGORITHMS FOR UNSUPERVISED LEARNING IN LARGE DATA SETSFAST ALGORITHMS FOR UNSUPERVISED LEARNING IN LARGE DATA SETS
FAST ALGORITHMS FOR UNSUPERVISED LEARNING IN LARGE DATA SETS
csandit
 
GCF
GCFGCF
GCF
Gaurav Menghani
 
Quantum Computing: Timing is Everything
Quantum Computing: Timing is EverythingQuantum Computing: Timing is Everything
Quantum Computing: Timing is Everything
inside-BigData.com
 
D-WaveQuantum ComputingAccess & applications via cloud deployment
D-WaveQuantum ComputingAccess & applications via cloud deploymentD-WaveQuantum ComputingAccess & applications via cloud deployment
D-WaveQuantum ComputingAccess & applications via cloud deployment
Rakuten Group, Inc.
 
Narayanan Sundaram, Research Scientist, Intel Labs at MLconf SF - 11/13/15
Narayanan Sundaram, Research Scientist, Intel Labs at MLconf SF - 11/13/15Narayanan Sundaram, Research Scientist, Intel Labs at MLconf SF - 11/13/15
Narayanan Sundaram, Research Scientist, Intel Labs at MLconf SF - 11/13/15
MLconf
 
Bob Garrett: Network of Networks Analysis
Bob Garrett: Network of Networks AnalysisBob Garrett: Network of Networks Analysis
Bob Garrett: Network of Networks Analysis
EnergyTech2015
 
Paper id 25201467
Paper id 25201467Paper id 25201467
Paper id 25201467
IJRAT
 
A Highly Parallel Semi-Dataflow FPGA Architecture for Large-Scale N-Body Simu...
A Highly Parallel Semi-Dataflow FPGA Architecture for Large-Scale N-Body Simu...A Highly Parallel Semi-Dataflow FPGA Architecture for Large-Scale N-Body Simu...
A Highly Parallel Semi-Dataflow FPGA Architecture for Large-Scale N-Body Simu...
NECST Lab @ Politecnico di Milano
 
Design and testing of systolic array multiplier using fault injecting schemes
Design and testing of systolic array multiplier using fault injecting schemesDesign and testing of systolic array multiplier using fault injecting schemes
Design and testing of systolic array multiplier using fault injecting schemes
CSITiaesprime
 
GRID COMPUTING
GRID COMPUTINGGRID COMPUTING
GRID COMPUTING
Abhiram Kanigolla
 
The Principle Of Ultrasound Imaging System
The Principle Of Ultrasound Imaging SystemThe Principle Of Ultrasound Imaging System
The Principle Of Ultrasound Imaging System
Melissa Luster
 
Content
ContentContent
Content
Santosh Male
 
"Trade-offs in Implementing Deep Neural Networks on FPGAs," a Presentation fr...
"Trade-offs in Implementing Deep Neural Networks on FPGAs," a Presentation fr..."Trade-offs in Implementing Deep Neural Networks on FPGAs," a Presentation fr...
"Trade-offs in Implementing Deep Neural Networks on FPGAs," a Presentation fr...
Edge AI and Vision Alliance
 
Short.course.introduction.to.vhdl for beginners
Short.course.introduction.to.vhdl for beginners Short.course.introduction.to.vhdl for beginners
Short.course.introduction.to.vhdl for beginners
Ravi Sony
 
The Sierra Supercomputer: Science and Technology on a Mission
The Sierra Supercomputer: Science and Technology on a MissionThe Sierra Supercomputer: Science and Technology on a Mission
The Sierra Supercomputer: Science and Technology on a Mission
inside-BigData.com
 
Time-Evolving Graph Processing On Commodity Clusters
Time-Evolving Graph Processing On Commodity ClustersTime-Evolving Graph Processing On Commodity Clusters
Time-Evolving Graph Processing On Commodity Clusters
Jen Aman
 
Iwsm2014 performance measurement for cloud computing applications using iso...
Iwsm2014 performance measurement for cloud computing applications using iso...Iwsm2014 performance measurement for cloud computing applications using iso...
Iwsm2014 performance measurement for cloud computing applications using iso...
Nesma
 
Lesson - 02 Network Design and Management
Lesson - 02 Network Design and ManagementLesson - 02 Network Design and Management
Lesson - 02 Network Design and Management
Angel G Diaz
 
Buzz words-dunning-real-time-learning
Buzz words-dunning-real-time-learningBuzz words-dunning-real-time-learning
Buzz words-dunning-real-time-learning
Ted Dunning
 
Larson2024_Ch06_PowerPoint_Accessible.pptx
Larson2024_Ch06_PowerPoint_Accessible.pptxLarson2024_Ch06_PowerPoint_Accessible.pptx
Larson2024_Ch06_PowerPoint_Accessible.pptx
imjustabu
 
FAST ALGORITHMS FOR UNSUPERVISED LEARNING IN LARGE DATA SETS
FAST ALGORITHMS FOR UNSUPERVISED LEARNING IN LARGE DATA SETSFAST ALGORITHMS FOR UNSUPERVISED LEARNING IN LARGE DATA SETS
FAST ALGORITHMS FOR UNSUPERVISED LEARNING IN LARGE DATA SETS
csandit
 
GCF
GCFGCF
GCF
Gaurav Menghani
 
Ad

More from Data Works MD (18)

Data Journalism at The Baltimore Banner
Data Journalism at The Baltimore BannerData Journalism at The Baltimore Banner
Data Journalism at The Baltimore Banner
Data Works MD
 
Jolt’s Picks - Machine Learning and Major League Baseball Hit Streaks
Jolt’s Picks - Machine Learning and Major League Baseball Hit StreaksJolt’s Picks - Machine Learning and Major League Baseball Hit Streaks
Jolt’s Picks - Machine Learning and Major League Baseball Hit Streaks
Data Works MD
 
Introducing DataWave
Introducing DataWaveIntroducing DataWave
Introducing DataWave
Data Works MD
 
Malware Detection, Enabled by Machine Learning
Malware Detection, Enabled by Machine LearningMalware Detection, Enabled by Machine Learning
Malware Detection, Enabled by Machine Learning
Data Works MD
 
Using AWS, Terraform, and Ansible to Automate Splunk at Scale
Using AWS, Terraform, and Ansible to Automate Splunk at ScaleUsing AWS, Terraform, and Ansible to Automate Splunk at Scale
Using AWS, Terraform, and Ansible to Automate Splunk at Scale
Data Works MD
 
A Day in the Life of a Data Journalist
A Day in the Life of a Data JournalistA Day in the Life of a Data Journalist
A Day in the Life of a Data Journalist
Data Works MD
 
Robotics and Machine Learning: Working with NVIDIA Jetson Kits
Robotics and Machine Learning: Working with NVIDIA Jetson KitsRobotics and Machine Learning: Working with NVIDIA Jetson Kits
Robotics and Machine Learning: Working with NVIDIA Jetson Kits
Data Works MD
 
Connect Data and Devices with Apache NiFi
Connect Data and Devices with Apache NiFiConnect Data and Devices with Apache NiFi
Connect Data and Devices with Apache NiFi
Data Works MD
 
Introduction to Machine Learning
Introduction to Machine LearningIntroduction to Machine Learning
Introduction to Machine Learning
Data Works MD
 
Data in the City: Analytics and Civic Data in Baltimore
Data in the City: Analytics and Civic Data in BaltimoreData in the City: Analytics and Civic Data in Baltimore
Data in the City: Analytics and Civic Data in Baltimore
Data Works MD
 
Exploring Correlation Between Sentiment of Environmental Tweets and the Stock...
Exploring Correlation Between Sentiment of Environmental Tweets and the Stock...Exploring Correlation Between Sentiment of Environmental Tweets and the Stock...
Exploring Correlation Between Sentiment of Environmental Tweets and the Stock...
Data Works MD
 
Automated Software Requirements Labeling
Automated Software Requirements LabelingAutomated Software Requirements Labeling
Automated Software Requirements Labeling
Data Works MD
 
Introduction to Elasticsearch for Business Intelligence and Application Insights
Introduction to Elasticsearch for Business Intelligence and Application InsightsIntroduction to Elasticsearch for Business Intelligence and Application Insights
Introduction to Elasticsearch for Business Intelligence and Application Insights
Data Works MD
 
An Asynchronous Distributed Deep Learning Based Intrusion Detection System fo...
An Asynchronous Distributed Deep Learning Based Intrusion Detection System fo...An Asynchronous Distributed Deep Learning Based Intrusion Detection System fo...
An Asynchronous Distributed Deep Learning Based Intrusion Detection System fo...
Data Works MD
 
RAPIDS – Open GPU-accelerated Data Science
RAPIDS – Open GPU-accelerated Data ScienceRAPIDS – Open GPU-accelerated Data Science
RAPIDS – Open GPU-accelerated Data Science
Data Works MD
 
Two Algorithms for Weakly Supervised Denoising of EEG Data
Two Algorithms for Weakly Supervised Denoising of EEG DataTwo Algorithms for Weakly Supervised Denoising of EEG Data
Two Algorithms for Weakly Supervised Denoising of EEG Data
Data Works MD
 
Predictive Analytics and Neighborhood Health
Predictive Analytics and Neighborhood HealthPredictive Analytics and Neighborhood Health
Predictive Analytics and Neighborhood Health
Data Works MD
 
Social Network Analysis Workshop
Social Network Analysis WorkshopSocial Network Analysis Workshop
Social Network Analysis Workshop
Data Works MD
 
Data Journalism at The Baltimore Banner
Data Journalism at The Baltimore BannerData Journalism at The Baltimore Banner
Data Journalism at The Baltimore Banner
Data Works MD
 
Jolt’s Picks - Machine Learning and Major League Baseball Hit Streaks
Jolt’s Picks - Machine Learning and Major League Baseball Hit StreaksJolt’s Picks - Machine Learning and Major League Baseball Hit Streaks
Jolt’s Picks - Machine Learning and Major League Baseball Hit Streaks
Data Works MD
 
Introducing DataWave
Introducing DataWaveIntroducing DataWave
Introducing DataWave
Data Works MD
 
Malware Detection, Enabled by Machine Learning
Malware Detection, Enabled by Machine LearningMalware Detection, Enabled by Machine Learning
Malware Detection, Enabled by Machine Learning
Data Works MD
 
Using AWS, Terraform, and Ansible to Automate Splunk at Scale
Using AWS, Terraform, and Ansible to Automate Splunk at ScaleUsing AWS, Terraform, and Ansible to Automate Splunk at Scale
Using AWS, Terraform, and Ansible to Automate Splunk at Scale
Data Works MD
 
A Day in the Life of a Data Journalist
A Day in the Life of a Data JournalistA Day in the Life of a Data Journalist
A Day in the Life of a Data Journalist
Data Works MD
 
Robotics and Machine Learning: Working with NVIDIA Jetson Kits
Robotics and Machine Learning: Working with NVIDIA Jetson KitsRobotics and Machine Learning: Working with NVIDIA Jetson Kits
Robotics and Machine Learning: Working with NVIDIA Jetson Kits
Data Works MD
 
Connect Data and Devices with Apache NiFi
Connect Data and Devices with Apache NiFiConnect Data and Devices with Apache NiFi
Connect Data and Devices with Apache NiFi
Data Works MD
 
Introduction to Machine Learning
Introduction to Machine LearningIntroduction to Machine Learning
Introduction to Machine Learning
Data Works MD
 
Data in the City: Analytics and Civic Data in Baltimore
Data in the City: Analytics and Civic Data in BaltimoreData in the City: Analytics and Civic Data in Baltimore
Data in the City: Analytics and Civic Data in Baltimore
Data Works MD
 
Exploring Correlation Between Sentiment of Environmental Tweets and the Stock...
Exploring Correlation Between Sentiment of Environmental Tweets and the Stock...Exploring Correlation Between Sentiment of Environmental Tweets and the Stock...
Exploring Correlation Between Sentiment of Environmental Tweets and the Stock...
Data Works MD
 
Automated Software Requirements Labeling
Automated Software Requirements LabelingAutomated Software Requirements Labeling
Automated Software Requirements Labeling
Data Works MD
 
Introduction to Elasticsearch for Business Intelligence and Application Insights
Introduction to Elasticsearch for Business Intelligence and Application InsightsIntroduction to Elasticsearch for Business Intelligence and Application Insights
Introduction to Elasticsearch for Business Intelligence and Application Insights
Data Works MD
 
An Asynchronous Distributed Deep Learning Based Intrusion Detection System fo...
An Asynchronous Distributed Deep Learning Based Intrusion Detection System fo...An Asynchronous Distributed Deep Learning Based Intrusion Detection System fo...
An Asynchronous Distributed Deep Learning Based Intrusion Detection System fo...
Data Works MD
 
RAPIDS – Open GPU-accelerated Data Science
RAPIDS – Open GPU-accelerated Data ScienceRAPIDS – Open GPU-accelerated Data Science
RAPIDS – Open GPU-accelerated Data Science
Data Works MD
 
Two Algorithms for Weakly Supervised Denoising of EEG Data
Two Algorithms for Weakly Supervised Denoising of EEG DataTwo Algorithms for Weakly Supervised Denoising of EEG Data
Two Algorithms for Weakly Supervised Denoising of EEG Data
Data Works MD
 
Predictive Analytics and Neighborhood Health
Predictive Analytics and Neighborhood HealthPredictive Analytics and Neighborhood Health
Predictive Analytics and Neighborhood Health
Data Works MD
 
Social Network Analysis Workshop
Social Network Analysis WorkshopSocial Network Analysis Workshop
Social Network Analysis Workshop
Data Works MD
 
Ad

Recently uploaded (20)

DSP and MV the Color image processing.ppt
DSP and MV the Color image processing.pptDSP and MV the Color image processing.ppt
DSP and MV the Color image processing.ppt
HafizAhamed8
 
211421893-M-Tech-CIVIL-Structural-Engineering-pdf.pdf
211421893-M-Tech-CIVIL-Structural-Engineering-pdf.pdf211421893-M-Tech-CIVIL-Structural-Engineering-pdf.pdf
211421893-M-Tech-CIVIL-Structural-Engineering-pdf.pdf
inmishra17121973
 
"Feed Water Heaters in Thermal Power Plants: Types, Working, and Efficiency G...
"Feed Water Heaters in Thermal Power Plants: Types, Working, and Efficiency G..."Feed Water Heaters in Thermal Power Plants: Types, Working, and Efficiency G...
"Feed Water Heaters in Thermal Power Plants: Types, Working, and Efficiency G...
Infopitaara
 
Metal alkyne complexes.pptx in chemistry
Metal alkyne complexes.pptx in chemistryMetal alkyne complexes.pptx in chemistry
Metal alkyne complexes.pptx in chemistry
mee23nu
 
Lidar for Autonomous Driving, LiDAR Mapping for Driverless Cars.pptx
Lidar for Autonomous Driving, LiDAR Mapping for Driverless Cars.pptxLidar for Autonomous Driving, LiDAR Mapping for Driverless Cars.pptx
Lidar for Autonomous Driving, LiDAR Mapping for Driverless Cars.pptx
RishavKumar530754
 
RICS Membership-(The Royal Institution of Chartered Surveyors).pdf
RICS Membership-(The Royal Institution of Chartered Surveyors).pdfRICS Membership-(The Royal Institution of Chartered Surveyors).pdf
RICS Membership-(The Royal Institution of Chartered Surveyors).pdf
MohamedAbdelkader115
 
Introduction to FLUID MECHANICS & KINEMATICS
Introduction to FLUID MECHANICS & KINEMATICSIntroduction to FLUID MECHANICS & KINEMATICS
Introduction to FLUID MECHANICS & KINEMATICS
narayanaswamygdas
 
Data Structures_Introduction to algorithms.pptx
Data Structures_Introduction to algorithms.pptxData Structures_Introduction to algorithms.pptx
Data Structures_Introduction to algorithms.pptx
RushaliDeshmukh2
 
QA/QC Manager (Quality management Expert)
QA/QC Manager (Quality management Expert)QA/QC Manager (Quality management Expert)
QA/QC Manager (Quality management Expert)
rccbatchplant
 
Fort night presentation new0903 pdf.pdf.
Fort night presentation new0903 pdf.pdf.Fort night presentation new0903 pdf.pdf.
Fort night presentation new0903 pdf.pdf.
anuragmk56
 
International Journal of Distributed and Parallel systems (IJDPS)
International Journal of Distributed and Parallel systems (IJDPS)International Journal of Distributed and Parallel systems (IJDPS)
International Journal of Distributed and Parallel systems (IJDPS)
samueljackson3773
 
Value Stream Mapping Worskshops for Intelligent Continuous Security
Value Stream Mapping Worskshops for Intelligent Continuous SecurityValue Stream Mapping Worskshops for Intelligent Continuous Security
Value Stream Mapping Worskshops for Intelligent Continuous Security
Marc Hornbeek
 
theory-slides-for react for beginners.pptx
theory-slides-for react for beginners.pptxtheory-slides-for react for beginners.pptx
theory-slides-for react for beginners.pptx
sanchezvanessa7896
 
Oil-gas_Unconventional oil and gass_reseviours.pdf
Oil-gas_Unconventional oil and gass_reseviours.pdfOil-gas_Unconventional oil and gass_reseviours.pdf
Oil-gas_Unconventional oil and gass_reseviours.pdf
M7md3li2
 
The Gaussian Process Modeling Module in UQLab
The Gaussian Process Modeling Module in UQLabThe Gaussian Process Modeling Module in UQLab
The Gaussian Process Modeling Module in UQLab
Journal of Soft Computing in Civil Engineering
 
ADVXAI IN MALWARE ANALYSIS FRAMEWORK: BALANCING EXPLAINABILITY WITH SECURITY
ADVXAI IN MALWARE ANALYSIS FRAMEWORK: BALANCING EXPLAINABILITY WITH SECURITYADVXAI IN MALWARE ANALYSIS FRAMEWORK: BALANCING EXPLAINABILITY WITH SECURITY
ADVXAI IN MALWARE ANALYSIS FRAMEWORK: BALANCING EXPLAINABILITY WITH SECURITY
ijscai
 
AI-assisted Software Testing (3-hours tutorial)
AI-assisted Software Testing (3-hours tutorial)AI-assisted Software Testing (3-hours tutorial)
AI-assisted Software Testing (3-hours tutorial)
Vəhid Gəruslu
 
some basics electrical and electronics knowledge
some basics electrical and electronics knowledgesome basics electrical and electronics knowledge
some basics electrical and electronics knowledge
nguyentrungdo88
 
DATA-DRIVEN SHOULDER INVERSE KINEMATICS YoungBeom Kim1 , Byung-Ha Park1 , Kwa...
DATA-DRIVEN SHOULDER INVERSE KINEMATICS YoungBeom Kim1 , Byung-Ha Park1 , Kwa...DATA-DRIVEN SHOULDER INVERSE KINEMATICS YoungBeom Kim1 , Byung-Ha Park1 , Kwa...
DATA-DRIVEN SHOULDER INVERSE KINEMATICS YoungBeom Kim1 , Byung-Ha Park1 , Kwa...
charlesdick1345
 
Structural Response of Reinforced Self-Compacting Concrete Deep Beam Using Fi...
Structural Response of Reinforced Self-Compacting Concrete Deep Beam Using Fi...Structural Response of Reinforced Self-Compacting Concrete Deep Beam Using Fi...
Structural Response of Reinforced Self-Compacting Concrete Deep Beam Using Fi...
Journal of Soft Computing in Civil Engineering
 
DSP and MV the Color image processing.ppt
DSP and MV the Color image processing.pptDSP and MV the Color image processing.ppt
DSP and MV the Color image processing.ppt
HafizAhamed8
 
211421893-M-Tech-CIVIL-Structural-Engineering-pdf.pdf
211421893-M-Tech-CIVIL-Structural-Engineering-pdf.pdf211421893-M-Tech-CIVIL-Structural-Engineering-pdf.pdf
211421893-M-Tech-CIVIL-Structural-Engineering-pdf.pdf
inmishra17121973
 
"Feed Water Heaters in Thermal Power Plants: Types, Working, and Efficiency G...
"Feed Water Heaters in Thermal Power Plants: Types, Working, and Efficiency G..."Feed Water Heaters in Thermal Power Plants: Types, Working, and Efficiency G...
"Feed Water Heaters in Thermal Power Plants: Types, Working, and Efficiency G...
Infopitaara
 
Metal alkyne complexes.pptx in chemistry
Metal alkyne complexes.pptx in chemistryMetal alkyne complexes.pptx in chemistry
Metal alkyne complexes.pptx in chemistry
mee23nu
 
Lidar for Autonomous Driving, LiDAR Mapping for Driverless Cars.pptx
Lidar for Autonomous Driving, LiDAR Mapping for Driverless Cars.pptxLidar for Autonomous Driving, LiDAR Mapping for Driverless Cars.pptx
Lidar for Autonomous Driving, LiDAR Mapping for Driverless Cars.pptx
RishavKumar530754
 
RICS Membership-(The Royal Institution of Chartered Surveyors).pdf
RICS Membership-(The Royal Institution of Chartered Surveyors).pdfRICS Membership-(The Royal Institution of Chartered Surveyors).pdf
RICS Membership-(The Royal Institution of Chartered Surveyors).pdf
MohamedAbdelkader115
 
Introduction to FLUID MECHANICS & KINEMATICS
Introduction to FLUID MECHANICS & KINEMATICSIntroduction to FLUID MECHANICS & KINEMATICS
Introduction to FLUID MECHANICS & KINEMATICS
narayanaswamygdas
 
Data Structures_Introduction to algorithms.pptx
Data Structures_Introduction to algorithms.pptxData Structures_Introduction to algorithms.pptx
Data Structures_Introduction to algorithms.pptx
RushaliDeshmukh2
 
QA/QC Manager (Quality management Expert)
QA/QC Manager (Quality management Expert)QA/QC Manager (Quality management Expert)
QA/QC Manager (Quality management Expert)
rccbatchplant
 
Fort night presentation new0903 pdf.pdf.
Fort night presentation new0903 pdf.pdf.Fort night presentation new0903 pdf.pdf.
Fort night presentation new0903 pdf.pdf.
anuragmk56
 
International Journal of Distributed and Parallel systems (IJDPS)
International Journal of Distributed and Parallel systems (IJDPS)International Journal of Distributed and Parallel systems (IJDPS)
International Journal of Distributed and Parallel systems (IJDPS)
samueljackson3773
 
Value Stream Mapping Worskshops for Intelligent Continuous Security
Value Stream Mapping Worskshops for Intelligent Continuous SecurityValue Stream Mapping Worskshops for Intelligent Continuous Security
Value Stream Mapping Worskshops for Intelligent Continuous Security
Marc Hornbeek
 
theory-slides-for react for beginners.pptx
theory-slides-for react for beginners.pptxtheory-slides-for react for beginners.pptx
theory-slides-for react for beginners.pptx
sanchezvanessa7896
 
Oil-gas_Unconventional oil and gass_reseviours.pdf
Oil-gas_Unconventional oil and gass_reseviours.pdfOil-gas_Unconventional oil and gass_reseviours.pdf
Oil-gas_Unconventional oil and gass_reseviours.pdf
M7md3li2
 
The Gaussian Process Modeling Module in UQLab
The Gaussian Process Modeling Module in UQLabThe Gaussian Process Modeling Module in UQLab
The Gaussian Process Modeling Module in UQLab
Journal of Soft Computing in Civil Engineering
 
ADVXAI IN MALWARE ANALYSIS FRAMEWORK: BALANCING EXPLAINABILITY WITH SECURITY
ADVXAI IN MALWARE ANALYSIS FRAMEWORK: BALANCING EXPLAINABILITY WITH SECURITYADVXAI IN MALWARE ANALYSIS FRAMEWORK: BALANCING EXPLAINABILITY WITH SECURITY
ADVXAI IN MALWARE ANALYSIS FRAMEWORK: BALANCING EXPLAINABILITY WITH SECURITY
ijscai
 
AI-assisted Software Testing (3-hours tutorial)
AI-assisted Software Testing (3-hours tutorial)AI-assisted Software Testing (3-hours tutorial)
AI-assisted Software Testing (3-hours tutorial)
Vəhid Gəruslu
 
some basics electrical and electronics knowledge
some basics electrical and electronics knowledgesome basics electrical and electronics knowledge
some basics electrical and electronics knowledge
nguyentrungdo88
 
DATA-DRIVEN SHOULDER INVERSE KINEMATICS YoungBeom Kim1 , Byung-Ha Park1 , Kwa...
DATA-DRIVEN SHOULDER INVERSE KINEMATICS YoungBeom Kim1 , Byung-Ha Park1 , Kwa...DATA-DRIVEN SHOULDER INVERSE KINEMATICS YoungBeom Kim1 , Byung-Ha Park1 , Kwa...
DATA-DRIVEN SHOULDER INVERSE KINEMATICS YoungBeom Kim1 , Byung-Ha Park1 , Kwa...
charlesdick1345
 
Structural Response of Reinforced Self-Compacting Concrete Deep Beam Using Fi...
Structural Response of Reinforced Self-Compacting Concrete Deep Beam Using Fi...Structural Response of Reinforced Self-Compacting Concrete Deep Beam Using Fi...
Structural Response of Reinforced Self-Compacting Concrete Deep Beam Using Fi...
Journal of Soft Computing in Civil Engineering
 

Detecting Lateral Movement with a Compute-Intense Graph Kernel

  • 1. Detecting Lateral Movement with a Compute-Intense Graph Kernel <anonymous collaborator> <US government agency> Steve Reinhardt D-Wave Government [email protected]
  • 2. Copyright © D-Wave Systems Inc. 2 We implemented a compute-intensive graph kernel that finds lateral-movement-like behavior in netflow data and can execute quantumly in part. We sketch the remaining work to deliver quantum acceleration from graph kernels. We believe this enables a valuable new set of tools for cyber analysts.
  • 3. Copyright © D-Wave Systems Inc. 3 Agenda • Detecting lateral movement via maximum independent set • Achieving high performance with graph kernels on a D-Wave system • Implications for cyber and other analyses
  • 4. Copyright © D-Wave Systems Inc. 4 Motivation • Execution of some compute-intense graph kernels on D-Wave systems has yielded better answers than classical counterparts – Mniszewski et al., Quantum Annealing Approaches to Graph Partitioning on the D-Wave System, https://dwavefederal.com/app/uploads/2017/10/Qubits-Day-2-Morning-4_Susan_LANL.pdf • DWave_NetworkX includes a set of compute-intensive kernels – Minimum vertex cover, minimum vertex coloring, maximum cut, maximum independent set, maximal matching, signed social network – https://github.com/dwavesystems/dwave_networkx • Given exponential growth of computation with problem size, analysts have avoided these kernels, which are becoming tractable • For what cyber problems are those (or similar) kernels useful?
  • 5. Copyright © D-Wave Systems Inc. 5 Detecting Lateral Movement • On graph of point-to-point logins (ssh, RDP), calculate maximum independent set (largest set of non-adjacent vertices) • As point-to-point logins explore more of the enterprise network, MIS shrinks • [WIP] Confirmed on traffic not known to contain lateral movement; working to confirm on traffic with lateral movement https://blog.rapid7.com/content/images/post-images/53326/the-attack-chain.png
  • 6. Copyright © D-Wave Systems Inc. 6 Maximum Independent Set (MIS) • An independent set is a set of vertices in a graph, no two of which are adjacent. A maximum independent set is an independent set of largest possible size for a given graph G. • NP-hard problem • For exact solutions, a set is independent if and only if its complement is a vertex cover. Therefore, the sum of the size of the largest independent set α(G) and the size of a minimum vertex cover β(G) is equal to the number of vertices in the graph. The nine blue vertices form a maximum independent set for the Generalized Petersen graph GP(12,4) https://en.wikipedia.org/wiki/Independent_set_(graph_theory)#Finding_maximum_independent_sets
  • 7. Copyright © D-Wave Systems Inc. 7 Experiment • LANL data, not known to contain lateral movement: https://csr.lanl.gov/data/2017.html • 88 days of data; focused on first 8 • Used 4-day sliding time window • Monitor shrinkage of max independent set as an indicator of lateral movement
  • 8. Copyright © D-Wave Systems Inc. 8 Looking for a Good Graph Size Good == relevant to large enterprise networks and feasible #IP addresses full (|V|) #IP addresses reduced #point-to-point pairs (|E|) MIS size time (s) 75571 1682 1474 1353 5.2 75571 3388 1474 3253 22.0 75571 21388 1474 21253 908.9 84718 84718 1239 ? > 18 hours 130176 8429 11782 7964 121.8 159931 11757 19943 11152 248.5 75571 3388 1474 (using QPU) yyy Averages of 5 timesteps except time-limit-exceeded Running classically
  • 9. Copyright © D-Wave Systems Inc. 9 Analytic Finds Smaller MIS Size spr_mbp:10M $ /Users/sreinhardt/technical/app_code/cyberGraph/process3.py netflow netflow --nTimesteps 8 --nTimestepsPerDay 4 - -inputFormat LANL --inputDigested --verbose --reduceGraph Namespace(allInput='netflow', inputDigested=True, inputFormat='LANL', nRecordsPerTimeperiod=None, nTimesteps=8, nTimestepsPerDay=4, nTimestepsPerWindow=None, pt2ptInput='netflow', reduceGraph=True, verbose=1) Reducing graph? True for timestep 3, the number of IP addresses in the full graph is 84718 and the number of IP-address-pairs that had point-to-point logins is 1239; the number of IP addresses in the reduced graph is 21178 and IP-address-pairs pt2tp is 1239 first MIS took 0:11:25.255169, second MIS took 0:17:05.962103 MIS size decreased from 21178 to 21059 (119) when ssh/telnet/RDP log-ins considered IP addresses that are no longer part of the maximum independent set are ['ActiveDirectory', 'Comp005825’, […] for timestep 4, the number of IP addresses in the full graph is 82543 and the number of IP-address-pairs that had point-to-point logins is 1472; the number of IP addresses in the reduced graph is 21380 and IP-address-pairs pt2tp is 1472 first MIS took 0:13:12.690244, second MIS took 0:14:24.761931 MIS size decreased from 21380 to 21245 (135) when ssh/telnet/RDP log-ins considered IP addresses that are no longer part of the maximum independent set are ['ActiveDirectory', 'Comp005825’, […] for timestep 5, the number of IP addresses in the full graph is 82266 and the number of IP-address-pairs that had point-to-point logins is 1525; the number of IP addresses in the reduced graph is 21427 and IP-address-pairs pt2tp is 1525 first MIS took 0:11:10.267566, second MIS took 0:11:31.594414 MIS size decreased from 21427 to 21294 (133) when ssh/telnet/RDP log-ins considered IP addresses that are no longer part of the maximum independent set are ['ActiveDirectory', 'Comp005295’, […] for timestep 6, the number of IP addresses in the full graph is 66069 and the number of IP-address-pairs that had point-to-point logins is 1551; the number of IP addresses in the reduced graph is 21459 and IP-address-pairs pt2tp is 1551 first MIS took 0:11:06.538207, second MIS took 0:17:56.528730 MIS size decreased from 21459 to 21317 (142) when ssh/telnet/RDP log-ins considered IP addresses that are no longer part of the maximum independent set are ['ActiveDirectory', 'Comp005295’, […]
  • 10. Copyright © D-Wave Systems Inc. 10 Preliminary Visualization
  • 11. Copyright © D-Wave Systems Inc. 11 Discussion • Why not use connected components (much faster)? – Could, but doesn’t give intuition about “how close to connected” • Need to find Goldilocks-size graphs – If too small, runs fast enough classically – If too big, even with medium-scale quantum acceleration, exponential algorithm still infeasible • If QPU solves 10% of problem, 210 combinations of those may be feasible • If QPU solves 1% of problem, 2100 combinations is not feasible
  • 12. Copyright © D-Wave Systems Inc. 12 Next Steps • Need to verify on data known to have lateral movement • Need to find scale-appropriate viz that illustrates growth of connectedness (== shrinkage of MIS) for cyber analyst • Code available via private Github repository • Looking for collaborators, esp. with data
  • 13. Copyright © D-Wave Systems Inc. 13 Agenda • Detecting lateral movement via maximum independent set • Achieving high performance with graph kernels on a D-Wave system • Implications for cyber and other analyses
  • 14. Copyright © D-Wave Systems Inc. 14 Two Main Paths to Quantum Computing Gate-model architecture • Significant theoretical work since 1985, key algs defined in 1990s • Major issue of error correction identified by Preskill in 1998 – Believed to require 100-1000 physical qubits for every logical qubit • Google recently announced system with 72 physical qubits, results TBD • Digital nature in question – Preskill: “noisy intermediate-scale quantum” (NISQ) computers • Current focus on approximate optimization algs (e.g., QAOA) Quantum-annealing architecture • Nishimori (1998) and Farhi (1999) described theory to find low energy states; Rose (2004) identified path to build such systems • D-Wave (2010+) has delivered 4 generations of systems, the latest with 2000 qubits • Academic knowledge is mostly empirical • Problems friendly to D-Wave topology show ~1000X advantage; real-world problems ~parity • New system generations every ~2yr
  • 15. Copyright © D-Wave Systems Inc. 15
  • 16. Copyright © D-Wave Systems Inc. 16 Quantum Annealing: How a D-Wave system works
  • 17. Copyright © D-Wave Systems Inc. 17 Programming Model / Quantum Machine Instruction QUBIT !" Quantum bit which participates in annealing cycle and settles into one of two possible final states: 0,1 COUPLER !"!& Physical device that allows one qubit to influence another qubit WEIGHT '"" Real-valued constant associated with each qubit, which influences the qubit’s tendency to collapse into each of its two possible final states; controlled by the programmer STRENGTH '"( Real-valued constant associated with each coupler, which controls the influence exerted by one qubit on another; controlled by the programmer OBJECTIVE )*+ Real-valued function that is minimized during the annealing cycle ,'(('"(; !") = 1 "( '"(!" !( The system samples from the 23 that minimize the objective Known as - Quadratic unconstrained binary optimization (QUBO) problem - Ising model - Unconstrained binary quadratic problem (UBQP) - Probabilistic graphical model (PGM) Note: The D-Wave 2000Q™ system added reverse annealing, which is a variant of this.
  • 18. Copyright © D-Wave Systems Inc. 18 Mapping a Problem to D-WaveOriginal form (e.g., constraints, graph (DNX)) QUBO HW-compliant QUBO QPUs Steps Best known methods • Reduce problem size Avoid O(N2) #var growth Find frozen variables • Decompose QUBO • Map to QUBO form • Reduce QUBO Various: energy impact, recomb elite • Adjust chain strength Start with algebraic setting • Post-process • Reverse spins • Change anneal offsets • Use reverse annealing Use dozen(s) Delay chains as f(length) 103 104 105 106 107 108 Cumulative annealing time (µs) 0.0 0.2 0.4 0.6 0.8 1.0 Fractionofvalleysseen DW SA QMC HFS • Embed into HW graph Avoid long chains, extend pre-embed • Tolerate low precision Bin values into discrete ranges
  • 19. Copyright © D-Wave Systems Inc. 19 Mapping MIS to QUBO Form > !"#("%#; '%) = * %# "%#'% '# Choose '% that minimize bi,j -1, if i = j 3, if i < j and ij E ⍦ 0, otherwise 0 1 2 3 4 5 6 7 8 9 10 11 0 1 2 3 4 5 6 7 8 9 10 11 -1 3 3 3 -1 3 3 3 -1 3 -1 3 3 -1 -1 3 3 -1 3 3 -1 -1 -1 3 -1 -1 0 1 2 3 4 5 6 7 8 9 10 11 https://canvas.auckland.ac.nz/courses/14782/files/563551/download?verifier=mGDAXoF3TDAKoZfnjmQ1WBRfjlB0LkTc62wAdyGO&wrap=1
  • 20. Copyright © D-Wave Systems Inc. 20 Mapping Traveling Salesperson to QUBO Form > !"#("%#; '%) = * %# "%#'% '# Choose '% that minimize 0 1 2 3 4 5 6 7 8 9 10 11 • Many formulations use “for vertex i at step k” approach, which is O(N2)
  • 21. Copyright © D-Wave Systems Inc. 21 Explicitly Hybrid Quantum/Classical Algorithms • Due to Chapuis et al. • CPU/GPUs and QPUs have drastically different natures; use each for its strengths • Use classical techniques (k-core graph and core/halo partitioning) to partition graph into subgraphs that will fit in QPU, find max clique of each – Limited to finding cliques embeddable in the QPU Chapuis, Djidjev, Hahn, and Rizk, “Finding Maximum Cliques on the D-Wave Quantum Annealer”
  • 22. Copyright © D-Wave Systems Inc. 22 Cause for Optimism • Graph coloring • Set-weighted covering • Topological sort • Graph coloring • Minimal vertex covering • Maximum weighted path cover • Multiple graph partitioning Code generation Register sufficiency Instruction scheduling Register allocation, coalescing, minimizing spill, and reuse Global reference allocation Array unification Distributed memory layout NP-hard Problems Solved in Modern Compilers
  • 23. Copyright © D-Wave Systems Inc. 23 Delivering Differentiated Performance • Today (D-Wave 2000Q™): In practice, problems of ~64 variables fit on the QPU • Next-gen D-Wave system targeted at 4-5K qubits with denser topology • Some problems shift from classically tractable to intractable between 64 and 326 variables: e.g., Markov networks (~50 today; 100s intractable) Aspect Change Effect on #variables in QMI Notes More qubits 2-2.5X more * 1.4-1.6 Denser topology 2.5X more * 2.8 Higher perf due to shorter chains QA changes TBD Lower noise, ♢ Better algs/tools * 1.3 (e.g.) RBC embedding Aggregate change * 5.46 == 326 vars ♢ Roy et al.’s “Boosting integer factoring …” showed that per-qubit advance/delay of annealing in some cases led to a 1000X performance increase (i.e., fraction of valid results) George
  • 24. Copyright © D-Wave Systems Inc. 24 Agenda • Detecting lateral movement via maximum independent set • Achieving high performance with graph kernels on a D-Wave system • Implications for cyber and other analyses
  • 25. Copyright © D-Wave Systems Inc. 25 Detecting LM via MIS is Only One Use Case • Current DWave_NetworkX kernels – Minimum vertex cover – Minimum vertex coloring – Maximum independent set – Maximum cut – Structural imbalance – Maximal matching • N.B.: graph partitioning, community detection, and maximum clique implemented by LANL https://arxiv.org/pdf/1705.03082.pdf https://arxiv.org/pdf/1801.08649.pdf
  • 26. Copyright © D-Wave Systems Inc. 26 Min Vertex Cover (MVCov) • A vertex cover V’ of an undirected graph G = (V,E) is a) a set of vertices where every edge has at least one endpoint in the vertex cover V’, b) a subset of V such that uv ∈ E ⟹ u ∈ V’ ∨ v ∈ V’ • A minimum vertex cover is a vertex cover of smallest possible size (# vertices) https://en.wikipedia.org/wiki/Vertex_cover
  • 27. Copyright © D-Wave Systems Inc. 27 Cyber Use Cases • In wireless sensor network, MVCov+ equates to a plan for installing a patch that minimizes the #rounds while preserving full observability throughout https://infoscience.epfl.ch/record/225623/files/EPFL_TH7484.pdf • MVCov is the optimal solution for worm propagation and hence for network defense Dharwadker and Pirzada, Applications of Graph Theory, ISBN 1466397098 • MVCov+ finds minimal set of strings that occur in viruses but not in normal code https://math.mit.edu/~goemans/18434S06/setcover-tamara.pdf • To make the internet more robust, want better understanding of AS-level topology, but currently BGP data is being gathered from an incomplete and biased subset of ASes. MVCov+ calculates the minimum set of watching ASes that can supply data for a comprehensive view of the internet. https://isolario.it/extra/publications/papers/BGPIncompleteness.pdf https://www.flaticon.com/free-icon/thumb-up_13979#term=thumbs up&page=1&position=86
  • 28. Copyright © D-Wave Systems Inc. 28 Related Use Case: Topological Data Analysis (TDA) • E. Munch: “Find and quantify structure in noisy, complex data.” • TDA’s Mapper capability commercialized by Ayasdi • Persistent homology capability highlights the "relative prominence of homological features in the data set”
  • 29. Copyright © D-Wave Systems Inc. 29 TDA / Persistent Homology (cont.) • Believed to have high analytic value – Can serve to identify features on which machine learning learns • Core kernels include: – Wasserstein (earthmover) distance between two distributions – minimum clique cover • To date, min clique cover has been so expensive to compute that #dimensions analyzed is sharply limited, reducing analytic value • D-Wave implementation of Wasserstein distance by Berwald et al. • Exploring open-source release J. Berwald, J. Gottlieb, E. Munch. Quantum Computation in a Topological Data Analysis Pipeline, https://www.dwavesys.com/sites/default/files/10_Tues_PM_TopPipe.pdf
  • 30. Copyright © D-Wave Systems Inc. 30 We implemented a compute-intensive graph kernel that finds lateral-movement-like behavior in netflow data and can execute quantumly in part. We sketch the remaining work to deliver quantum acceleration from graph kernels. We believe this enables a valuable new set of tools for cyber analysts.
  • 31. Copyright © D-Wave Systems Inc. 31
  • 32. Copyright © D-Wave Systems Inc. 32 For More Information, See D-Wave Users Group Presentations: • 2018 (N.America): https://www.dwavesys.com/qubits-north-america-2018 • 2018 (European): https://www.dwavesys.com/qubits-europe-2018 • 2017: http://dwavefederal.com/qubits-2017/ • 2016: https://dl.dropboxusercontent.com/u/127187/User%20Group%20Presentatio ns-selected/Qubits_User_Group_Presentations_Index.html LANL Rapid Response Projects: • http://www.lanl.gov/projects//national-security-education- center/information-science-technology/dwave/index.php