E-GraphSAGE: A Graph Neural Network based Intrusion Detection System

03/30/2021
by   Wai Weng Lo, et al.
11

This paper presents a new network intrusion detection system (NIDS) based on Graph Neural Networks (GNNs). GNNs are a relatively new sub-field of deep neural networks, which have the unique ability to leverage the inherent structure of graph-based data. Training and evaluation data for NIDSs are typically represented as flow records, which can naturally be represented in a graph format. This establishes the potential and motivation for exploring GNNs for the purpose of network intrusion detection, which is the focus of this paper. E-GraphSAGE, our proposed new approach is based on the established GraphSAGE model, but provides the necessary modifications in order to support edge features for edge classification, and hence the classification of network flows into benign and attack classes. An extensive experimental evaluation based on six recent NIDS benchmark datasets shows the excellent performance of our E-GraphSAGE based NIDS in comparison with the state-of-the-art.

READ FULL TEXT

page 10

page 12

07/14/2022

Anomal-E: A Self-Supervised Network Intrusion Detection System based on Graph Neural Networks

This paper investigates Graph Neural Networks (GNNs) application for sel...
11/26/2021

Graph-based Solutions with Residuals for Intrusion Detection: the Modified E-GraphSAGE and E-ResGAT Algorithms

The high volume of increasingly sophisticated cyber threats is drawing g...
03/30/2021

Exploring Edge TPU for Network Intrusion Detection in IoT

This paper explores Google's Edge TPU for implementing a practical netwo...
10/18/2021

Intrusion-Free Graph Mixup

We present a simple and yet effective interpolation-based regularization...
07/30/2021

Unveiling the potential of Graph Neural Networks for robust Intrusion Detection

The last few years have seen an increasing wave of attacks with serious ...
01/19/2022

Graph Neural Network-based Android Malware Classification with Jumping Knowledge

This paper presents a new Android malware detection method based on Grap...
09/14/2016

"Flow Size Difference" Can Make a Difference: Detecting Malicious TCP Network Flows Based on Benford's Law

Statistical characteristics of network traffic have attracted a signific...