Integrating Graph Theoretical Approaches in Cybersecurity Education CSCI-RTED
Goksel Kucukkaya, Murat Ozer, Kazim Ciris
TL;DR
This paper addresses the scarcity of graph-focused datasets in cybersecurity education by enriching the NSL-KDD dataset with graph-theoretic features. Guided by Design Science Research, the authors construct an artifact that represents network relationships through IP-based graphs, computes centrality and community metrics, and integrates these features into the NSL-KDD dataset. The enriched dataset is evaluated using IBM Auto AI, showing effective classification and threat prediction improvements, with privacy preserved via pseudonymization and synthetic IP generation. The work provides a practical, graph-aware educational resource and a replicable workflow for combining graph mining with data-driven cybersecurity solutions, aiming to better prepare students and professionals for complex cyber environments.
Abstract
As cybersecurity threats continue to evolve, the need for advanced tools to analyze and understand complex cyber environments has become increasingly critical. Graph theory offers a powerful framework for modeling relationships within cyber ecosystems, making it highly applicable to cybersecurity. This paper focuses on the development of an enriched version of the widely recognized NSL-KDD dataset, incorporating graph-theoretical concepts to enhance its practical value. The enriched dataset provides a resource for students and professionals to engage in hands-on analysis, enabling them to explore graph-based methodologies for identifying network behavior and vulnerabilities. To validate the effectiveness of this dataset, we employed IBM Auto AI, demonstrating its capability in real-world applications such as classification and threat prediction. By addressing the need for graph-theoretical datasets, this study provides a practical tool for equipping future cybersecurity professionals with the skills necessary to confront complex cyber challenges.