Integrating Graph Neural Networks with Scattering Transform for Anomaly Detection (2404.10800v3)

Published 16 Apr 2024 in cs.CR, cs.AI, and cs.LG

Abstract: In this paper, we present two novel methods in Network Intrusion Detection Systems (NIDS) using Graph Neural Networks (GNNs). The first approach, Scattering Transform with E-GraphSAGE (STEG), utilizes the scattering transform to conduct multi-resolution analysis of edge feature vectors. This provides a detailed representation that is essential for identifying subtle anomalies in network traffic. The second approach improves node representation by initiating with Node2Vec, diverging from standard methods of using uniform values, thereby capturing a more accurate and holistic network picture. Our methods have shown significant improvements in performance compared to existing state-of-the-art methods in benchmark NIDS datasets.

