Enhancing Network Anomaly Detection Using Graph Neural Networks

Marfo, William; Tosh, Deepak K.; Moore, Shirley V.

doi:10.1109/medcomnet62012.2024.10578278

Enhancing Network Anomaly Detection Using Graph Neural Networks

Conference · Tue Jun 11 00:00:00 EDT 2024 · 2024 22nd Mediterranean Communication and Computer Networking Conference (MedComNet)

DOI:https://doi.org/10.1109/medcomnet62012.2024.10578278· OSTI ID:2426922

Marfo, William ^[1]; Tosh, Deepak K. ^[2]; Moore, Shirley V. ^[2]

University of Texas at El Paso,Department of Computer Science,El Paso,USA; University of Texas at El Paso
University of Texas at El Paso,Department of Computer Science,El Paso,USA

In the world of Internet of Things (IoT) networks, where devices are constantly communicating, keeping them secure from cyber threats is critical. This paper introduces a novel approach to detecting unusual and potentially harmful activities in these networks using graph neural networks (GNNs). We combine two specific types of GNNs-GraphSAGE and graph attention networks (GAT)-to create a model that understands and represents the behaviors and interactions in a network. GraphSAGE creates an embedding of network activities by examining local data interactions, while GAT directs the model's focus to the most critical interactions. By integrating these two methods in a single model that considers different types of interactions (both host and flow nodes), we aim to create a system that accurately represents the current state of a network and can also spot anomalies effectively while reducing false positives and negatives. Our innovative approach has demonstrated promising results, achieving an accuracy of 98% on the UNSW-NB15 dataset, significantly outperforming standalone GraphSAGE and GAT models. This underscores its potential as a robust framework for securing IoT networks against cyber threats and anomalies.

View Conference

Research Organization:: University of Texas at El Paso

Sponsoring Organization:: USDOE Office of Fossil Energy and Carbon Management (FECM)

DOE Contract Number:: FE0032089

OSTI ID:: 2426922

Journal Information:: 2024 22nd Mediterranean Communication and Computer Networking Conference (MedComNet), Journal Name: 2024 22nd Mediterranean Communication and Computer Networking Conference (MedComNet)

Country of Publication:: United States

Language:: English

References (18)

An Anomaly Mitigation Framework for IoT Using Fog Computing Lawal, Muhammad Aminu; Shaikh, Riaz Ahmed; Hassan, Syed Raheel Electronics, Vol. 9, Issue 10 https://doi.org/10.3390/electronics9101565	journal	September 2020
Graph Neural Networks in TensorFlow and Keras with Spektral [Application Notes] Grattarola, Daniele; Alippi, Cesare IEEE Computational Intelligence Magazine, Vol. 16, Issue 1 https://doi.org/10.1109/mci.2020.3039072	journal	February 2021
Graph Neural Networks for Anomaly Detection in Industrial Internet of Things Wu, Yulei; Dai, Hong-Ning; Tang, Haina IEEE Internet of Things Journal, Vol. 9, Issue 12 https://doi.org/10.1109/JIOT.2021.3094295	journal	June 2022
E-GraphSAGE: A Graph Neural Network based Intrusion Detection System for IoT Lo, Wai Weng; Layeghy, Siamak; Sarhan, Mohanad NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium https://doi.org/10.1109/NOMS54207.2022.9789878	conference	April 2022
The Elements of Statistical Learning Hastie, Trevor; Tibshirani, Robert; Friedman, Jerome Springer Series in Statistics https://doi.org/10.1007/978-0-387-84858-7	book	January 2009
Anomaly Detection in In-Vehicle Networks with Graph Neural Networks Özdemir, Övgü; Karagöz, Pınar; Schmidt, Klaus Werner 2023 31st Signal Processing and Communications Applications Conference (SIU) https://doi.org/10.1109/SIU59756.2023.10223760	conference	July 2023
UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set) Moustafa, Nour; Slay, Jill 2015 Military Communications and Information Systems Conference (MilCIS) https://doi.org/10.1109/MilCIS.2015.7348942	conference	November 2015
Condition monitoring and anomaly detection in cyber-physical systems Marfo, William; Tosh, Deepak K.; Moore, Shirley V. 2022 17th Annual System of Systems Engineering Conference (SOSE) https://doi.org/10.1109/SOSE55472.2022.9812638	conference	June 2022
Network Anomaly Detection Using Federated Learning Marfo, William; Tosh, Deepak K.; Moore, Shirley V. MILCOM 2022 - 2022 IEEE Military Communications Conference (MILCOM) https://doi.org/10.1109/MILCOM55135.2022.10017793	conference	November 2022
Graph Anomaly Detection With Graph Neural Networks: Current Status and Challenges Kim, Hwan; Lee, Byung Suk; Shin, Won-Yong IEEE Access, Vol. 10 https://doi.org/10.1109/ACCESS.2022.3211306	journal	January 2022
An Experimental Analysis of Attack Classification Using Machine Learning in IoT Networks Churcher, Andrew; Ullah, Rehmat; Ahmad, Jawad Sensors, Vol. 21, Issue 2 https://doi.org/10.3390/s21020446	journal	January 2021
A Novel Multimodal-Sequential Approach Based on Multi-View Features for Network Intrusion Detection He, Haitao; Sun, Xiaobing; He, Hongdou IEEE Access, Vol. 7 https://doi.org/10.1109/ACCESS.2019.2959131	journal	January 2019
An ensemble learning and fog-cloud architecture-driven cyber-attack detection framework for IoMT networks Kumar, Prabhat; Gupta, Govind P.; Tripathi, Rakesh Computer Communications, Vol. 166 https://doi.org/10.1016/j.comcom.2020.12.003	journal	January 2021
Detection of Message Injection Attacks Onto the CAN Bus Using Similarities of Successive Messages-Sequence Graphs Jedh, Mubark; Ben Othmane, Lotfi; Ahmed, Noor IEEE Transactions on Information Forensics and Security, Vol. 16 https://doi.org/10.1109/TIFS.2021.3098162	journal	January 2021
Performance Analysis of Intrusion Detection Systems Using a Feature Selection Method on the UNSW-NB15 Dataset Kasongo, Sydney M.; Sun, Yanxia Journal of Big Data, Vol. 7, Issue 1 https://doi.org/10.1186/s40537-020-00379-6	journal	November 2020
Towards Network Anomaly Detection Using Graph Embedding Xiao, Qingsai; Liu, Jian; Wang, Quiyun Lecture Notes in Computer Science https://doi.org/10.1007/978-3-030-50423-6_12	book	June 2020
Network Anomaly Detection Using a Graph Neural Network Kisanga, Patrice; Woungang, Isaac; Traore, Issa 2023 International Conference on Computing, Networking and Communications (ICNC) https://doi.org/10.1109/ICNC57223.2023.10074111	conference	February 2023
Exploiting Edge Features for Graph Neural Networks Gong, Liyu; Cheng, Qiang 2019 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) https://doi.org/10.1109/CVPR.2019.00943	conference	June 2019

Similar Records

Enhancing Network Anomaly Detection Using Graph Neural Networks

Conference · Tue Jun 11 00:00:00 EDT 2024 · OSTI ID:3003233

Efficient Anomaly Detection Driven By Different Machine Learning Architectures And Models

Thesis/Dissertation · Sat Nov 30 23:00:00 EST 2024 · OSTI ID:3003245

Network Anomaly Detection in Distributed Edge Computing Infrastructure

Conference · Thu Jan 09 23:00:00 EST 2025 · OSTI ID:2583899

Enhancing Network Anomaly Detection Using Graph Neural Networks

Citation Formats

References (18)

Similar Records

Related Subjects