Network Anomaly Detection Using a Graph Neural Network

被引:15
作者
Kisanga, Patrice [1 ]
Woungang, Isaac [1 ]
Traore, Issa [2 ]
Carvalho, Glaucio H. S. [3 ]
机构
[1] Ryerson Univ, Dept Comp Sci, Toronto, ON, Canada
[2] Univ Victoria, Dept Elect & Comp Engn, Victoria, BC, Canada
[3] Brock Univ, Dept Comp Sci & Engn, St Catharines, ON, Canada
来源
2023 INTERNATIONAL CONFERENCE ON COMPUTING, NETWORKING AND COMMUNICATIONS, ICNC | 2023年
关键词
Anomaly detection; intrusion prevention system; intrusion detection systems; Activity and Event Network (AEN); Graph neural network (GNN); datasets; Graph convolutional network (GCN);
D O I
10.1109/ICNC57223.2023.10074111
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Contrary to the many traditional network security approaches that focus on volume-based threats, the Activity and Event Network (AEN) is a new approach built on a graph model, which addresses both volumetric attacks and long-term threats that traditional security tools cannot deal with. The AEN graph structural foundation can serve as a basis to construct a graph to be used in Graph Neural Network (GNN) for anomaly and threat detection purposes. In this paper, an AEN-based supervised Graph Convolutional Network (GCN) model is proposed, then evaluated using two labelled datasets, namely, the distributed denial of service (DDoS) and the TOR-nonTOR datasets, yielding an accuracy score of 76% with the DDoS dataset and 88% with the TOR-nonTOR dataset, respectively.
引用
收藏
页码:61 / 65
页数:5
相关论文
共 15 条
[1]  
Aldribi A, 2018, STUD BIG DATA, V39, P333, DOI 10.1007/978-3-319-73676-1_13
[2]   Anomaly detection with convolutional Graph Neural Networks [J].
Atkinson, Oliver ;
Bhardwaj, Akanksha ;
Englert, Christoph ;
Ngairangbam, Vishal S. ;
Spannowsky, Michael .
JOURNAL OF HIGH ENERGY PHYSICS, 2021, 2021 (08)
[3]   Structural Temporal Graph Neural Networks for Anomaly Detection in Dynamic Graphs [J].
Cai, Lei ;
Chen, Zhengzhang ;
Luo, Chen ;
Gui, Jiaping ;
Ni, Jingchao ;
Li, Ding .
PROCEEDINGS OF THE 30TH ACM INTERNATIONAL CONFERENCE ON INFORMATION & KNOWLEDGE MANAGEMENT, CIKM 2021, 2021, :3747-3756
[4]  
Chaudhary Anshika, 2019, 2019 International Conference on Machine Learning, Big Data, Cloud and Parallel Computing (COMITCon), P346, DOI 10.1109/COMITCon.2019.8862186
[5]  
deepai.org, RELU
[6]   Anomaly Detection with Graph Convolutional Networks for Insider Threat and Fraud Detection [J].
Jiang, Jianguo ;
Chen, Jiuming ;
Gu, Tianbo ;
Choo, Kim-Kwang Raymond ;
Liu, Chao ;
Yu, Min ;
Huang, Weiqing ;
Mohapatra, Prasant .
MILCOM 2019 - 2019 IEEE MILITARY COMMUNICATIONS CONFERENCE (MILCOM), 2019,
[7]  
Karagiannakos S, GRAPH NEURAL NETWORK
[8]   E-GraphSAGE: A Graph Neural Network based Intrusion Detection System for IoT [J].
Lo, Wai Weng ;
Layeghy, Siamak ;
Sarhan, Mohanad ;
Gallagher, Marcus ;
Portmann, Marius .
PROCEEDINGS OF THE IEEE/IFIP NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM 2022, 2022,
[9]  
Pujol-Perich D., 2021, arXiv
[10]   Unsupervised Anomaly Detection Using a New Knowledge Graph Model for Network Activity and Events [J].
Quinan, Paulo Gustavo ;
Traore, Issa ;
Gondhi, Ujwal Reddy ;
Woungang, Isaac .
MACHINE LEARNING FOR NETWORKING, MLN 2021, 2022, 13175 :117-130