TriageHD: A Hyper-Dimensional Learning-to-Rank Framework for Dynamic Micro-Segmentation in Zero-Trust Network Security
Network security faces major challenges from sophisticated cyber attacks that exploit lateral movement and evade traditional network intrusion detection mechanisms. To address these challenges, micro-segmentation has proven to be an effective defense strategy for isolating network components and lim...
| Main Authors: | Ryozo Masukawa, Sanggeon Yun, Sungheon Jeong, Nathaniel D. Bastian, Mohsen Imani |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | IEEE 2025-01-01 |
| Series: | IEEE Access |
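| Subjects: | Zero-trust; network security; dynamic micro-segmentation; graph neural network; hyper-dimensional computing; learning-to-rank algorithm |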
| Online Access: | https://ieeexplore.ieee.org/document/11096592/ |
| _version_ | 1849390138545668096 |
|---|---|
| author | Ryozo Masukawa Sanggeon Yun Sungheon Jeong Nathaniel D. Bastian Mohsen Imani |
| author_sort | Ryozo Masukawa |
| collection | DOAJ |
| description | Network security faces major challenges from sophisticated cyber attacks that exploit lateral movement and evade traditional network intrusion detection mechanisms. To address these challenges, micro-segmentation has proven to be an effective defense strategy for isolating network components and limiting breach propagation. This paper presents TriageHD, a novel framework that integrates graph-based Hyper-Dimensional Computing (HDC) with a learning-to-rank algorithm to strengthen zero-trust network security. TriageHD constructs dynamic scene graphs from time-based network flow data, integrating feature representations extracted via a self-attention-based payload encoder. It employs a learning-to-rank algorithm with an approximated nDCG loss function, incorporating time-aware relevance and graph-aware HDC to prioritize nodes for segregation, thereby mitigating attack propagation. Experiments on the CIC-IDS-2017 dataset demonstrate that TriageHD outperforms state-of-the-art graph neural networks, including graph convolutional networks, graph attention networks, and graph transformer models, in threat prioritization accuracy. By providing a dynamic micro-segmentation approach, TriageHD significantly enhances automated threat detection and response. This work bridges traditional network security measures with zero-trust paradigms, laying the groundwork for future advancements in dynamic micro-segmentation. |
| format | Article |
| id | doaj-art-06b126d390704ac781ec10c8b8c3d4e7 |
| institution | Kabale University |
| issn | 2169-3536 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj-art-06b126d390704ac781ec10c8b8c3d4e7; 2025-08-20T03:41:46Z; eng; IEEE; IEEE Access; ISSN 2169-3536; 2025-01-01; vol. 13, pp. 136806-136815; DOI 10.1109/ACCESS.2025.3592877; document 11096592. Authors: Ryozo Masukawa (https://orcid.org/0009-0009-8988-1388), Department of Computer Science, University of California at Irvine, Irvine, CA, USA; Sanggeon Yun (https://orcid.org/0000-0002-0488-9666), Department of Computer Science, University of California at Irvine, Irvine, CA, USA; Sungheon Jeong (https://orcid.org/0000-0003-3540-7065), Department of Computer Science, University of California at Irvine, Irvine, CA, USA; Nathaniel D. Bastian (https://orcid.org/0000-0001-9957-2778), United States Military Academy, West Point, NY, USA; Mohsen Imani (https://orcid.org/0000-0002-5761-0622), Department of Computer Science, University of California at Irvine, Irvine, CA, USA. URL: https://ieeexplore.ieee.org/document/11096592/. Keywords: Zero-trust; network security; dynamic micro-segmentation; graph neural network; hyper-dimensional computing; learning-to-rank algorithm |
| title | TriageHD: A Hyper-Dimensional Learning-to-Rank Framework for Dynamic Micro-Segmentation in Zero-Trust Network Security |
| topic | Zero-trust network security dynamic micro-segmentation graph neural network hyper-dimensional computing learning-to-rank algorithm |
| url | https://ieeexplore.ieee.org/document/11096592/ |