SACM - United Kingdom
Permanent URI for this collectionhttps://drepo.sdl.edu.sa/handle/20.500.14154/9667
Browse
1 results
Search Results
Item Restricted Visualising of cyber crime data by Communication Structured Acyclic Nets(Newcastle University, 2024-09-02) Alahmadi, Mohammed Saud; Koutny, MaciejCommunication Structured Acyclic Nets (CSA-nets) are a Petri net-based formalism used to represent the behaviour of Complex Evolving Systems (CES). CSA-nets, comprising sets of acyclic nets, are suitable tools for modelling and visualising the behaviour of event-based systems. Each subsystem is represented using a separate acyclic net, linked to others through a set of buffer places depicting their interactions. However, CSA-nets suffer from challenges especially in analysing and visualising CESs that have a large number of subsystems resulting from alternative and concurrent execution scenarios. Moreover, CSA-nets currently lack the capability to represent multiple or coloured tokens, thereby limiting their ability to represent several similar processes simultaneously. This thesis introduces extensions for CSA-nets to capture compactly the relationships between interacting systems’ components represented by sets of acyclic nets. Specifically, it introduces a way of folding buffer places to address the issue of a large number of buffer places. Then it introduces a new class of CSA-nets, called Parameterised Communication Structured Acyclic Nets (PCSA-nets), using multi-coloured tokens and allowing places to accept multiple tokens distinguished by parameters. The thesis also aims at improving the visualisation of csa-nets by rearranging their component acyclic nets to minimise the number of crossing arcs by taking inspiration from the main ideas behind three well-known sorting algorithms (bubble sort, insertion sort, and selection sort). Furthermore, this thesis presents a novel approach that combines TCP protocol anomaly detection with visual analysis through CSA-nets. The strategy provides a clear visualisation of cyber attack behaviours, leading a deeper understanding of Distributed Denial of Service (DDoS) patterns and their underlying causes. A new concept of Timed-Coloured Communication Structured Acyclic Nets (TCCSA-nets) is introduced, which allows elaboration of the system’s performance and emphasising the system’s operations in real-time. This approach allows for the classification of messages as abnormal if their duration exceeds a predetermined time limit.35 0