Hi, I'm Akshay Peshwe, a PhD student at the University of Maryland, Baltimore County's Computer Science and Electrical Engineering Department. My research is advised by Dr. Tim Oates. In this video, we give a brief overview of our ongoing work on community detection and associativity to assess network threats. Our proposed analytics workflow seeks to consume data in the form of logs and alerts from various network traffic sensors and apply graph theoretic and machine learning principles to assess malicious traffic patterns. Our analytics pipeline inherently supports analysis at different temporal and structural granularity.
The workflow begins with the construction of directed network interaction graphs for every minute of network traffic. The graphs are composed of nodes representing hosts active on the network in a given minute and edges for each type of network interaction such as HTTP, FTP, SSH and so on. One directed edge representing the total interaction between any pair of hosts is also created. Each edge is annotated with the count of the corresponding interactions. Additionally, the edges are annotated by a vector of Snort alert class counts observed for the interactions the edges represent.
Given a minute-wise network interaction graph, we apply walktrap community detection to partition the graph into high-flow density modules. These modules are characterized by malicious class vectors themselves as a consequence of the earlier annotation. Clustering of these communities based on observed malicious class vectors helps understand co-occurring malicious traffic patterns. Temporal patterns of these clusters help further understand periodic episodes and their co-occurrence thereof for any given time window. Malicious traffic classes mapped to an ordinal scale or priority index allow us to compute a priority or threat score for any network state and perform temporal analysis.
Associativity analysis on host interactions mapped to a priority index provides an abstract picture of observed host priority patterns. The proposed analytics pipeline allows a holistic assessment of network traffic patterns at custom temporal granularity. Going forward, we seek to extend our work to facilitate abductive and stochastic reasoning about advanced persistent threats. Further, temporal co-occurrence of host interactions and associativity can help discover possible collusion and attack campaign signatures. This automated workflow is extendable and customizable by adding new computation blocks and an interactive human-in-the-loop experience.
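The graph-construction and scoring steps described in the talk, sketched as an added example that is not the authors' code. The record layout, the `PRIORITY` values and the scoring rule (priority times alert count, summed over total edges) are assumptions, the sample records are constructed, and the walktrap community detection step is not included.

```python
from collections import defaultdict

# Assumed ordinal priority index for Snort alert classes (hypothetical values;
# the talk does not give its mapping). Higher means more severe.
PRIORITY = {"attempted-admin": 3, "attempted-recon": 2, "misc-activity": 1}

# Constructed sample records: (epoch_seconds, src, dst, protocol, alert_class or None)
RECORDS = [
    (60, "10.0.0.5", "10.0.0.9", "HTTP", None),
    (75, "10.0.0.5", "10.0.0.9", "HTTP", "attempted-recon"),
    (80, "10.0.0.5", "10.0.0.9", "SSH", "attempted-admin"),
    (95, "10.0.0.7", "10.0.0.9", "FTP", None),
    (130, "10.0.0.7", "10.0.0.5", "SSH", "misc-activity"),
]

def build_minute_graphs(records):
    """Return {minute: {(src, dst, label): {"count": n, "alerts": {cls: n}}}}.

    label is a protocol name, or "TOTAL" for the one aggregate directed edge
    between a pair of hosts. Nodes are implied by the edge endpoints.
    """
    graphs = defaultdict(dict)
    for ts, src, dst, proto, alert in records:
        for label in (proto, "TOTAL"):
            edge = graphs[ts // 60].setdefault(
                (src, dst, label), {"count": 0, "alerts": defaultdict(int)})
            edge["count"] += 1
            if alert is not None:
                edge["alerts"][alert] += 1  # per-edge alert class count vector
    return dict(graphs)

def active_hosts(graph):
    """Hosts (nodes) seen in one minute's graph."""
    return {h for (src, dst, _) in graph for h in (src, dst)}

def threat_score(graph):
    """Assumed scoring rule: sum of priority * count over TOTAL edges only,
    so alerts are not double counted via the per-protocol edges.
    Alert classes missing from PRIORITY contribute 0."""
    return sum(PRIORITY.get(cls, 0) * n
               for (_, _, label), edge in graph.items() if label == "TOTAL"
               for cls, n in edge["alerts"].items())

if __name__ == "__main__":
    for minute, graph in sorted(build_minute_graphs(RECORDS).items()):
        print(minute, sorted(active_hosts(graph)), threat_score(graph))
```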