Using Graph Theory for Improving Machine Learning-based Detection of
Cyber Attacks
- URL: http://arxiv.org/abs/2402.07878v1
- Date: Mon, 12 Feb 2024 18:44:02 GMT
- Authors: Giacomo Zonneveld, Lorenzo Principi, Marco Baldi
- Abstract summary: Early detection of network intrusions and cyber threats is one of the main pillars of cybersecurity.
One of the most effective approaches for this purpose is to analyze network traffic with the help of artificial intelligence algorithms.
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Early detection of network intrusions and cyber threats is one of the main
pillars of cybersecurity. One of the most effective approaches for this purpose
is to analyze network traffic with the help of artificial intelligence
algorithms, with the aim of detecting the possible presence of an attacker by
distinguishing it from a legitimate user. This is commonly done by collecting
the traffic exchanged between terminals in a network and analyzing it on a
per-packet or per-connection basis. In this paper, we propose instead to
perform pre-processing of network traffic under analysis with the aim of
extracting some new metrics on which we can perform more efficient detection
and overcome some limitations of classical approaches. These new metrics are
based on graph theory, and consider the network as a whole, rather than
focusing on individual packets or connections. Our approach is validated
through experiments performed on publicly available data sets, from which it
results that it can not only overcome some of the limitations of classical
approaches, but also achieve a better detection capability of cyber threats.
Related papers
- Edge-Only Universal Adversarial Attacks in Distributed Learning [49.546479320670464]
In this work, we explore the feasibility of generating universal adversarial attacks when an attacker has access to the edge part of the model only.
Our approach shows that adversaries can induce effective mispredictions in the unknown cloud part by leveraging key features on the edge side.
Our results on ImageNet demonstrate strong attack transferability to the unknown cloud part.
arXiv Detail & Related papers (2024-11-15T11:06:24Z)
- Advancing Security in AI Systems: A Novel Approach to Detecting Backdoors in Deep Neural Networks [3.489779105594534]
Backdoors can be exploited by malicious actors on deep neural networks (DNNs) and cloud services for data processing.
Our approach leverages advanced tensor decomposition algorithms to meticulously analyze the weights of pre-trained DNNs and distinguish between backdoored and clean models.
This advancement enhances the security of deep learning and AI in networked systems, providing essential cybersecurity against evolving threats in emerging technologies.
arXiv Detail & Related papers (2024-03-13T03:10:11Z)
- Efficient Network Representation for GNN-based Intrusion Detection [2.321323878201932]
The last decades have seen a growth in the number of cyber-attacks with severe economic and privacy damages.
We propose a novel network representation as a graph of flows that aims to provide relevant topological information for the intrusion detection task.
We present a Graph Neural Network (GNN) based framework responsible for exploiting the proposed graph structure.
arXiv Detail & Related papers (2023-09-11T16:10:12Z)
- Unsupervised Abnormal Traffic Detection through Topological Flow Analysis [1.933681537640272]
Topological connectivity component of a malicious flow is less exploited.
We present a simple method that facilitates the use of connectivity graph features in unsupervised anomaly detection algorithms.
arXiv Detail & Related papers (2022-05-14T18:52:49Z)
- Graph-based Solutions with Residuals for Intrusion Detection: the Modified E-GraphSAGE and E-ResGAT Algorithms [0.0]
This paper presents two novel graph-based solutions for intrusion detection, the modified E-GraphSAGE, and E-ResGAT algorithms.
The key idea is to integrate residual learning into the GNN leveraging the available graph information.
An extensive experimental evaluation of four recent intrusion detection datasets shows the excellent performance of our approaches.
arXiv Detail & Related papers (2021-11-26T16:51:37Z)
- NF-GNN: Network Flow Graph Neural Networks for Malware Detection and Classification [11.624780336645006]
Malicious software (malware) poses an increasing threat to the security of communication systems.
We present three variants of our base model, which all support malware detection and classification in supervised and unsupervised settings.
Experiments on four different prediction tasks consistently demonstrate the advantages of our approach and show that our graph neural network model can boost detection performance by a significant margin.
arXiv Detail & Related papers (2021-03-05T20:54:38Z)
- Anomaly Detection on Attributed Networks via Contrastive Self-Supervised Learning [50.24174211654775]
We present a novel contrastive self-supervised learning framework for anomaly detection on attributed networks.
Our framework fully exploits the local information from network data by sampling a novel type of contrastive instance pair.
A graph neural network-based contrastive learning model is proposed to learn informative embedding from high-dimensional attributes and local structure.
arXiv Detail & Related papers (2021-02-27T03:17:20Z)
- Increasing the Confidence of Deep Neural Networks by Coverage Analysis [71.57324258813674]
This paper presents a lightweight monitoring architecture based on coverage paradigms to enhance the model against different unsafe inputs.
Experimental results show that the proposed approach is effective in detecting both powerful adversarial examples and out-of-distribution inputs.
arXiv Detail & Related papers (2021-01-28T16:38:26Z)
- Bayesian Optimization with Machine Learning Algorithms Towards Anomaly Detection [66.05992706105224]
In this paper, an effective anomaly detection framework is proposed utilizing Bayesian Optimization technique.
The performance of the considered algorithms is evaluated using the ISCX 2012 dataset.
Experimental results show the effectiveness of the proposed framework in terms of accuracy rate, precision, low-false alarm rate, and recall.
arXiv Detail & Related papers (2020-08-05T19:29:35Z)
- ESPN: Extremely Sparse Pruned Networks [50.436905934791035]
We show that a simple iterative mask discovery method can achieve state-of-the-art compression of very deep networks.
Our algorithm represents a hybrid approach between single shot network pruning methods and Lottery-Ticket type approaches.
arXiv Detail & Related papers (2020-06-28T23:09:27Z)
- Firearm Detection and Segmentation Using an Ensemble of Semantic Neural Networks [62.997667081978825]
We present a weapon detection system based on an ensemble of semantic Convolutional Neural Networks.
A set of simpler neural networks dedicated to specific tasks requires less computational resources and can be trained in parallel.
The overall output of the system given by the aggregation of the outputs of individual networks can be tuned by a user to trade-off false positives and false negatives.
arXiv Detail & Related papers (2020-02-11T13:58:16Z)