TriageHD: A Hyper-Dimensional Learning-to-Rank Framework for Dynamic Micro-Segmentation in Zero-Trust Network Security

Bibliographic Details
Main Authors: Ryozo Masukawa, Sanggeon Yun, Sungheon Jeong, Nathaniel D. Bastian, Mohsen Imani
Format: Article
Language: English
Published: IEEE 2025-01-01
Series: IEEE Access
Online Access: https://ieeexplore.ieee.org/document/11096592/
Description
Summary: Network security faces major challenges from sophisticated cyber attacks that exploit lateral movement and evade traditional network intrusion detection mechanisms. To address these challenges, micro-segmentation has proven to be an effective defense strategy for isolating network components and limiting breach propagation. This paper presents TriageHD, a novel framework that integrates graph-based Hyper-Dimensional Computing (HDC) with a learning-to-rank algorithm to strengthen zero-trust network security. TriageHD constructs dynamic scene graphs from time-based network flow data, integrating feature representations extracted via a self-attention-based payload encoder. It employs a learning-to-rank algorithm with an approximated nDCG loss function, incorporating time-aware relevance and graph-aware HDC to prioritize nodes for segregation, thereby mitigating attack propagation. Experiments on the CIC-IDS-2017 dataset demonstrate that TriageHD outperforms state-of-the-art graph neural networks, including graph convolutional networks, graph attention networks, and graph transformer models, in threat prioritization accuracy. By providing a dynamic micro-segmentation approach, TriageHD significantly enhances automated threat detection and response. This work bridges traditional network security measures with zero-trust paradigms, laying the groundwork for future advancements in dynamic micro-segmentation.
ISSN: 2169-3536