CONFERENCE PROCEEDINGS
Advanced Search
Home > Proceedings > Volume 12538 > Article
Presentation + Paper
12 June 2023 Graph representation learning for context-aware network intrusion detection
Augustine Premkumar, Madeleine Schneider, Carlton Spivey, John Pavlik, Nathaniel D. Bastian
Author Affiliations +
Proceedings Volume 12538, Artificial Intelligence and Machine Learning for Multi-Domain Operations Applications V; 125380H (2023) https://doi.org/10.1117/12.2663162
Event: SPIE Defense + Commercial Sensing, 2023, Orlando, Florida, United States
Abstract
Detecting malicious activity using a network intrusion detection system (NIDS) is an ongoing battle for the cyber defender. Increasingly, cyber-attacks are sophisticated and occur rapidly, necessitating the use of machine/deep learning (ML/DL) techniques for network intrusion detection. Traditional ML/DL techniques for NIDS classifiers, however, are often unable to sufficiently find context-driven similarities between the various network flows and/or packet captures. In this work, we leverage graph representation learning (GRL) techniques to successfully detect adversarial intrusions by exploiting the graph structure of NIDS data to derive context awareness, as graphs are a universal language for describing entities and their relationships. We explore several methods for NIDS data graph representation at both the network flow and packet level utilizing the CIC-IDS2017 dataset. We leverage graph neural networks and graph embedding algorithms to create a context-aware network intrusion detection system. Results indicate that adding context derived from GRL improves performance for detecting attacks. Our highest-scoring classifier incorporated both GNN embeddings and flow-level features and achieved an accuracy of 99.9%. Adding GRL methods to augment the flow/packet features improved accuracy by as much as 52.41%.
Conference Presentation
© (2023) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Citation Download Citation
Augustine Premkumar, Madeleine Schneider, Carlton Spivey, John Pavlik, and Nathaniel D. Bastian "Graph representation learning for context-aware network intrusion detection", Proc. SPIE 12538, Artificial Intelligence and Machine Learning for Multi-Domain Operations Applications V, 125380H (12 June 2023); https://doi.org/10.1117/12.2663162
ACCESS THE FULL ARTICLE
ORGANIZATIONAL
Sign in with credentials provided by your organization.
INSTITUTIONAL
Select your institution to access the SPIE Digital Library.
SELECT YOUR INSTITUTION
PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.
PERSONAL SIGN IN
No SPIE Account? Create one
PURCHASE THIS CONTENT
SUBSCRIBE TO DIGITAL LIBRARY
50 downloads per 1-year subscription
Members: $195
Non-members: $335 ADD TO CART
25 downloads per 1 - year subscription
Members: $145
Non-members: $250 ADD TO CART
PURCHASE SINGLE ARTICLE
Includes PDF, HTML & Video, when available
Members: $17.00
Non-members: $21.00 ADD TO CART
PROCEEDINGS
 11 PAGES + PRESENTATION
DOWNLOAD PAPER SAVE TO MY LIBRARY
WATCH
PRESENTATION
GET CITATION
Advertisement
Advertisement
RIGHTS & PERMISSIONS
Get copyright permission  Get copyright permission on Copyright Marketplace
KEYWORDS
Machine learning
Computer intrusion detection
Data modeling
Decision trees
Neural networks
RELATED CONTENT
Subscribe to Digital Library
Receive Erratum Email Alert
Back to Top