Complex Network Analysis in Security

A special issue of Information (ISSN 2078-2489). This special issue belongs to the section "Information Applications".

Deadline for manuscript submissions: 30 September 2025 | Viewed by 10126

Special Issue Editor

Department of Software and Information Systems Engineering, Ben-Gurion University of the Negev, Beer-Sheva, Israel
Interests: complex networks; cyber security; social networks; biological networks; cyberbiosecurity

Special Issue Information

Dear Colleagues,

Complex networks are an interdisciplinary field of study that has penetrated biology, social sciences, communication, transportation, cyber security, and many more. Networks are everywhere. They provide important non-trivial clues about the underlying processes that led to their formation. Network analysis helps with assessing the structure and function of complex systems, finding their vulnerabilities, and increasing robustness.

Many problems related to physical and cybersecurity can be modeled using networks. Consider, for example, a police chase: choosing the optimal locations for roadblocks is a problem in complex networks. In cybersecurity, attack graphs model the vulnerabilities and protections inside an organization, allowing the investigator to find the most probable attack paths or optimize the deployment of security patches. In social networks, deep learning on graphs helps to identify fake profiles and disinformation campaigns.

Problems related to networks and security are abundant, but so are the tools to solve them. The network science toolbox includes deep learning algorithms, optimization algorithms, generative random network models, percolation analysis, centrality analysis, and many more.

This Special Issue solicits original research and review articles that describe new problems or solve existing ones using tools from network science. 

Everything that is related to network science and security is in scope, including but limited to:

  • Complex networks
  • Communication networks
  • Transportation networks
  • Monitoring optimization
  • Interception optimization
  • Cybersecurity
  • Knowledge graphs
  • Ontology
  • Threat intelligence
  • Propagation analysis
  • Malware analysis
  • Static analysis
  • Dynamic analysis
  • Control flow graphs
  • Data flow analysis
  • Dependency graphs
  • Attack graphs
  • Forensic investigation
  • Visualization
  • Social networks
  • Disinformation
  • Fake profiles
  • Social cascade
  • Terrorist networks
  • Deep learning on graphs
  • Graph embedding
  • Subgraph embedding
  • Node embedding

Dr. Rami Puzis
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Information is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • complex networks
  • communication networks
  • transportation networks
  • monitoring optimization
  • interception optimization
  • cybersecurity
  • knowledge graphs
  • ontology
  • threat intelligence
  • propagation analysis
  • malware analysis
  • static analysis
  • dynamic analysis
  • control flow graphs
  • data flow analysis
  • dependency graphs
  • attack graphs
  • forensic investigation
  • visualization
  • social networks
  • disinformation
  • fake profiles
  • social cascade
  • terrorist networks
  • deep learning on graphs
  • graph embedding
  • subgraph embedding
  • node embedding

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue polices can be found here.

Published Papers (4 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

16 pages, 1552 KiB  
Article
Directed Criminal Networks: Temporal Analysis and Disruption
by Efstathios Konstantinos Anastasiadis and Ioannis Antoniou
Information 2024, 15(2), 84; https://doi.org/10.3390/info15020084 - 4 Feb 2024
Cited by 4 | Viewed by 1722
Abstract
We extend network analysis to directed criminal networks in the context of asymmetric links. We computed selected centralities, centralizations and the assortativity of a drug trafficking network with 110 nodes and 295 edges. We also monitored the centralizations of eleven temporal networks corresponding [...] Read more.
We extend network analysis to directed criminal networks in the context of asymmetric links. We computed selected centralities, centralizations and the assortativity of a drug trafficking network with 110 nodes and 295 edges. We also monitored the centralizations of eleven temporal networks corresponding to successive stages of investigation during the period 1994–1996. All indices reach local extrema at the stage of highest activity, extending previous results to directed networks. The sharpest changes (90%) are observed for betweenness and in-degree centralization. A notable difference between entropies is observed: the in-degree entropy reaches a global minimum at month 12, while the out-degree entropy reaches a global maximum. This confirms that at the stage of highest activity, incoming instructions are precise and focused, while outgoing instructions are diversified. These findings are expected to be useful for alerting the authorities to increasing criminal activity. The disruption simulations on the time-averaged network extend previous results on undirected networks to directed networks. Full article
(This article belongs to the Special Issue Complex Network Analysis in Security)
Show Figures

Figure 1

28 pages, 4717 KiB  
Article
ABAC Policy Mining through Affiliation Networks and Biclique Analysis
by Abner Perez-Haro and Arturo Diaz-Perez
Information 2024, 15(1), 45; https://doi.org/10.3390/info15010045 - 12 Jan 2024
Viewed by 1336
Abstract
Policy mining is an automated procedure for generating access rules by means of mining patterns from single permissions, which are typically registered in access logs. Attribute-based access control (ABAC) is a model which allows security administrators to create a set of rules, known [...] Read more.
Policy mining is an automated procedure for generating access rules by means of mining patterns from single permissions, which are typically registered in access logs. Attribute-based access control (ABAC) is a model which allows security administrators to create a set of rules, known as the access control policy, to restrict access in information systems by means of logical expressions defined through the attribute–values of three types of entities: users, resources, and environmental conditions. The application of policy mining in large-scale systems oriented towards ABAC is a must because it is not workable to create rules by hand when the system requires the management of thousands of users and resources. In the literature on ABAC policy mining, current solutions follow a frequency-based strategy to extract rules; the problem with that approach is that selecting a high-frequency support leaves many resources without rules (especially those with few requesters), and a low support leads to the rule explosion of unreliable rules. Another challenge is the difficulty of collecting a set of test examples for correctness evaluation, since the classes of user–resource pairs available in logs are imbalanced. Moreover, alternative evaluation criteria for correctness, such as peculiarity and diversity, have not been explored for ABAC policy mining. To address these challenges, we propose the modeling of access logs as affiliation networks for applying network and biclique analysis techniques (1) to extract ABAC rules supported by graph patterns without a frequency threshold, (2) to generate synthetic examples for correctness evaluation, and (3) to create alternative evaluation measures to correctness. We discovered that the rules extracted through our strategy can cover more resources than the frequency-based strategy and perform this without rule explosion; moreover, our synthetics are useful for increasing the certainty level of correctness results. Finally, our alternative measures offer a wider evaluation profile for policy mining. Full article
(This article belongs to the Special Issue Complex Network Analysis in Security)
Show Figures

Figure 1

29 pages, 4177 KiB  
Article
Interoperability and Targeted Attacks on Terrorist Organizations Using Intelligent Tools from Network Science
by Alexandros Z. Spyropoulos, Evangelos Ioannidis and Ioannis Antoniou
Information 2023, 14(10), 580; https://doi.org/10.3390/info14100580 - 21 Oct 2023
Cited by 2 | Viewed by 2839
Abstract
The early intervention of law enforcement authorities to prevent an impending terrorist attack is of utmost importance to ensuring economic, financial, and social stability. From our previously published research, the key individuals who play a vital role in terrorist organizations [...] Read more.
The early intervention of law enforcement authorities to prevent an impending terrorist attack is of utmost importance to ensuring economic, financial, and social stability. From our previously published research, the key individuals who play a vital role in terrorist organizations can be timely revealed. The problem now is to identify which attack strategy (node removal) is the most damaging to terrorist networks, making them fragmented and therefore, unable to operate under real-world conditions. We examine several attack strategies on 4 real terrorist networks. Each node removal strategy is based on: (i) randomness (random node removal), (ii) high strength centrality, (iii) high betweenness centrality, (iv) high clustering coefficient centrality, (v) high recalculated strength centrality, (vi) high recalculated betweenness centrality, (vii) high recalculated clustering coefficient centrality. The damage of each attack strategy is evaluated in terms of Interoperability, which is defined based on the size of the giant component. We also examine a greedy algorithm, which removes the node corresponding to the maximal decrease of Interoperability at each step. Our analysis revealed that removing nodes based on high recalculated betweenness centrality is the most harmful. In this way, the Interoperability of the communication network drops dramatically, even if only two nodes are removed. This valuable insight can help law enforcement authorities in developing more effective intervention strategies for the early prevention of impending terrorist attacks. Results were obtained based on real data on social ties between terrorists (physical face-to-face social interactions). Full article
(This article belongs to the Special Issue Complex Network Analysis in Security)
Show Figures

Figure 1

27 pages, 8062 KiB  
Article
Analyzing Global Geopolitical Stability in Terms of World Trade Network Analysis
by Georgios D. Papadopoulos, Lykourgos Magafas, Konstantinos Demertzis and Ioannis Antoniou
Information 2023, 14(8), 442; https://doi.org/10.3390/info14080442 - 4 Aug 2023
Cited by 4 | Viewed by 2242
Abstract
The global economy operates as a complex and interconnected system, necessitating the application of sophisticated network methods for analysis. This study examines economic data from all countries across the globe, representing each country as a node and its exports as links, covering the [...] Read more.
The global economy operates as a complex and interconnected system, necessitating the application of sophisticated network methods for analysis. This study examines economic data from all countries across the globe, representing each country as a node and its exports as links, covering the period from 2008 to 2019. Through the computation of relevant indices, we can discern shifts in countries’ positions within the world trade network. By interpreting these changes through geopolitical perspectives, we can gain a deeper understanding of their root causes. The analysis reveals a notable trend of slow growth in the world trade network. Additionally, an intriguing observation emerges: countries naturally form stable groups, shedding light on the underlying structure of global trade relations. Furthermore, this research highlights the trade balance as a reflection of geopolitical strength, making it a valuable contribution to the study of the evolution of global geopolitical stability. Full article
(This article belongs to the Special Issue Complex Network Analysis in Security)
Show Figures

Figure 1

Back to TopTop