i-manager Publications

Process Tree Analysis using GraphDB

Anchal Singh*, Prachi Chauhan**

*-** Department of Computer Science and Engineering, S R Institute of Management and Technology, Lucknow, Uttar Pradesh, India.

Periodicity:July - September'2025

Abstract

In modern cybersecurity and system monitoring, understanding the behavior and relationships between processes is essential for detecting anomalies, malware, and suspicious activities. Traditional relational databases have trouble showing complex hierarchies or linked process relationships. This paper introduces a method for analyzing process trees using a graph database, which provides a natural and efficient way to model and query the structure of processes. By representing processes, hosts, and users as distinct nodes and linking them through edges that capture relationships like parent–child processes, host-to-process connections, and user-to-process associations, a graph database allows fast traversal and provides rich contextual insights and deeper analysis of process trees. This approach helps in finding odd process behaviors, tracking where processes come from, and making it easier to look into threats. This method works well in places where there's a lot of changing and linked data, like in endpoint detection and response systems. Testing outcomes show how Graph DB successfully streamlines intricate process tree examination while boosting query speed when compared to conventional approaches.

Keywords

Graph DB, Graph Databases, EDR, RDBMS, SQL.

How to Cite this Article?

Singh, A., and Chauhan, P. (2025). Process Tree Analysis using Graphdb. i-manager’s Journal on Software Engineering, 20(1), 20-26.

References

[1]. Angles, R., & Gutierrez, C. (2008). Survey of graph database models. ACM Computing Surveys (CSUR), 40(1), 1-39.

[2]. Chen, Y. (2016). Comparison of Graph Databases and Relational Databases When Handling Large-Scale Social Data (Doctoral dissertation, University of Saskatchewan).

[3]. Garcia-Molina, H. (2008). Database Systems: The Complete Book. Pearson Education India.

[4]. Jones, S. B., & Sinclair, A. F. (1989). Functional programming and operating systems. The Computer Journal, 32(2), 162-174.

[5]. Kumar, A. (2019). Implementing Real Time Recommendation Systems Using Graph Algorithms & Exploring Graph Analytics in a Graph Database Platform (Neo4j) (Doctoral dissertation, Dublin Business School).

[6]. Kumar, V., Sinha, D., & Das, A. K. (2023). Cyber-attack detection applying machine learning approach. In Applications of Mathematical Modeling, Machine Learning, and Intelligent Computing for Industrial Development (pp. 159-178). CRC Press.

[7]. Macák, M., Daubner, L., Sani, M. F., & Buhnova, B. (2022). Cybersecurity analysis via process mining: A systematic literature review. In International Conference on Advanced Data Mining and Applications (pp. 393- 407).

[8]. Macák, M., Daubner, L., Sani, M. F., & Buhnova, B. (2022). Cybersecurity analysis via process mining: A systematic literature review. In International Conference on Advanced Data Mining and Applications (pp. 393- 407).

[9]. Microsoft. (2025). What is Endpoint Detection and Response (EDR)?

[10]. Nour, B., Pourzandi, M., & Debbabi, M. (2023). A survey on threat hunting in enterprise networks. IEEE Communications Surveys & Tutorials, 25(4), 2299-2324.

[11]. Ordonez, C. (2005, June). Optimizing recursive queries in SQL. In Proceedings of the 2005 ACM SIGMOD International Conference on Management of Data (pp. 834-839).

[12]. Robinson, I., Webber, J., & Eifrem, E. (2015). Graph Databases: New Opportunities for Connected Data. O'Reilly Media, Inc.

[13]. Yan, B., Yang, C., Shi, C., Fang, Y., Li, Q., Ye, Y., & Du, J. (2023). Graph mining for cybersecurity: A survey. ACM Transactions on Knowledge Discovery from Data, 18(2), 1- 52.

	North Americas,UK, Middle East,Europe		India	Rest of world
	USD	EUR	INR	USD-ROW
Pdf	35	35	200	20
Online	15	15	200	15
Pdf & Online	35	35	400	25

Process Tree Analysis using GraphDB

Abstract

Keywords

How to Cite this Article?

References

If you have access to this article please login to view the article or kindly login to purchase the article

Purchase Instant Access

Options for accessing this content: