Visualising of cyber crime data by Communication Structured Acyclic Nets
dc.contributor.advisor | Koutny, Maciej | |
dc.contributor.author | Alahmadi, Mohammed Saud | |
dc.date.accessioned | 2024-10-02T08:38:25Z | |
dc.date.issued | 2024-09-02 | |
dc.description.abstract | Communication Structured Acyclic Nets (CSA-nets) are a Petri net-based formalism used to represent the behaviour of Complex Evolving Systems (CES). CSA-nets, comprising sets of acyclic nets, are suitable tools for modelling and visualising the behaviour of event-based systems. Each subsystem is represented using a separate acyclic net, linked to others through a set of buffer places depicting their interactions. However, CSA-nets suffer from challenges especially in analysing and visualising CESs that have a large number of subsystems resulting from alternative and concurrent execution scenarios. Moreover, CSA-nets currently lack the capability to represent multiple or coloured tokens, thereby limiting their ability to represent several similar processes simultaneously. This thesis introduces extensions for CSA-nets to capture compactly the relationships between interacting systems’ components represented by sets of acyclic nets. Specifically, it introduces a way of folding buffer places to address the issue of a large number of buffer places. Then it introduces a new class of CSA-nets, called Parameterised Communication Structured Acyclic Nets (PCSA-nets), using multi-coloured tokens and allowing places to accept multiple tokens distinguished by parameters. The thesis also aims at improving the visualisation of csa-nets by rearranging their component acyclic nets to minimise the number of crossing arcs by taking inspiration from the main ideas behind three well-known sorting algorithms (bubble sort, insertion sort, and selection sort). Furthermore, this thesis presents a novel approach that combines TCP protocol anomaly detection with visual analysis through CSA-nets. The strategy provides a clear visualisation of cyber attack behaviours, leading a deeper understanding of Distributed Denial of Service (DDoS) patterns and their underlying causes. A new concept of Timed-Coloured Communication Structured Acyclic Nets (TCCSA-nets) is introduced, which allows elaboration of the system’s performance and emphasising the system’s operations in real-time. This approach allows for the classification of messages as abnormal if their duration exceeds a predetermined time limit. | |
dc.format.extent | 164 | |
dc.identifier.uri | https://hdl.handle.net/20.500.14154/73142 | |
dc.language.iso | en | |
dc.publisher | Newcastle University | |
dc.subject | Computer Science | |
dc.subject | Cybersecurity | |
dc.subject | Protocols | |
dc.subject | TCP | |
dc.subject | Modelling | |
dc.subject | complex system | |
dc.subject | Petri nets | |
dc.subject | visualising | |
dc.title | Visualising of cyber crime data by Communication Structured Acyclic Nets | |
dc.type | Thesis | |
sdl.degree.department | Computer Science | |
sdl.degree.discipline | Computer Science and Cybersecurity | |
sdl.degree.grantor | Newcastle University | |
sdl.degree.name | Docto of Philosophy |