Spectral graph analysis of bipartite graphs for advanced attack detection
In European Interdisciplinary Cybersecurity Conference (EICC25)
Abstract
Spectral graph theory offers powerful tools for understanding graph properties through spectral signatures. This work leverages the inherent link between graph topology and spectral characteristics to enhance anomaly detection in network traffic, particularly in medical IoT networks. We introduce SPECTRA, a spectral graph analysis technique designed to detect anomalies in dynamic and complex network structures. This method incorporates five spectral metrics, including the newly proposed BiFlowness metric derived from Singular Value Decomposition (SVD), which captures the flow dynamics within bipartite graph topologies. By combining these spectral metrics, SPECTRA provides a comprehensive model for detecting and analyzing advanced cyberattack patterns, such as multistep intrusions, in critical systems. Focusing on hybrid topologies that integrate star and bipartite structures, this technique applies spectral analysis to evolving networks, enabling the detection of attacks (port scanning, fingerprinting) over time. Experiments validate the effectiveness of SPECTRA across IoT datasets, demonstrating its superiority in identifying attack behaviors. The proposed approach aligns with the critical demands of medical IoT environments by providing a good threat detection procedure to enhance security in sensitive networks.
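The link the abstract draws between star-shaped traffic and the spectrum of a bipartite graph can be seen in a small added example, which is not the authors' code and does not implement SPECTRA's five metrics or BiFlowness (the abstract does not define them). It assumes a source-by-destination-port biadjacency matrix per time window and uses only its largest singular value; the addresses, ports and the threshold factor are constructed.

```python
import math
from statistics import median

def biadjacency(flows):
    """Binary source-by-port biadjacency matrix built from (src, dst_port) pairs."""
    srcs = sorted({s for s, _ in flows})
    ports = sorted({p for _, p in flows})
    row = {s: i for i, s in enumerate(srcs)}
    col = {p: j for j, p in enumerate(ports)}
    B = [[0.0] * len(ports) for _ in srcs]
    for s, p in flows:
        B[row[s]][col[p]] = 1.0
    return B

def top_singular_value(B, iters=200):
    """Largest singular value of B, by power iteration on B^T B."""
    if not B:
        return 0.0
    m, n = len(B), len(B[0])
    v = [1.0 / math.sqrt(n)] * n
    sigma = 0.0
    for _ in range(iters):
        u = [sum(B[i][j] * v[j] for j in range(n)) for i in range(m)]  # u = B v
        w = [sum(B[i][j] * u[i] for i in range(m)) for j in range(n)]  # w = B^T u
        norm = math.sqrt(sum(x * x for x in w))
        if norm == 0.0:
            return 0.0
        v = [x / norm for x in w]
        sigma = math.sqrt(norm)  # ||B^T B v|| converges to sigma_1 squared
    return sigma

def flag_windows(windows, factor=3.0):
    """Flag windows whose top singular value exceeds factor x median of earlier windows."""
    sig = [top_singular_value(biadjacency(w)) for w in windows]
    flagged = [i for i in range(1, len(sig)) if sig[i] > factor * median(sig[:i])]
    return sig, flagged

# Constructed sample traffic: three devices talking to HTTPS/MQTT ports.
N1 = [("10.0.0.5", 443), ("10.0.0.5", 1883), ("10.0.0.6", 443),
      ("10.0.0.7", 1883), ("10.0.0.7", 8883)]
N2 = N1 + [("10.0.0.6", 8883)]
# Constructed port scan: one source touching 64 ports forms a star, sigma_1 = sqrt(64).
SCAN = [("10.0.0.66", p) for p in range(1, 65)]
WINDOWS = [N1, N2, N1, N1 + SCAN, N2]

if __name__ == "__main__":
    sig, flagged = flag_windows(WINDOWS)
    print([round(s, 3) for s in sig], flagged)
```

A star with k leaves has a rank-one biadjacency matrix with singular value sqrt(k), which is why a single scanning source dominates the spectrum of its window while ordinary device-to-service traffic stays near 2.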