One-Class Intrusion Detection with Dynamic Graphs
Aleksei Liuliakov, Alexander Schulz, Luca Hermes, Barbara Hammer
TL;DR
This paper introduces TGN-SVDD, a novel deep anomaly detection method leveraging dynamic graph modeling for network intrusion detection, effectively identifying novel and unseen network events.
Contribution
The paper presents a new method combining dynamic graph modeling with deep anomaly detection for intrusion detection, addressing challenges of detecting unseen network events.
Findings
TGN-SVDD outperforms several baseline methods on realistic intrusion detection data.
It demonstrates robustness in detecting novel and unseen network events.
A more challenging intrusion detection variant is also proposed.
Abstract
With the growing digitalization all over the globe, the relevance of network security becomes increasingly important. Machine learning-based intrusion detection constitutes a promising approach for improving security, but it bears several challenges. These include the requirement to detect novel and unseen network events, as well as specific data properties, such as events over time together with the inherent graph structure of network communication. In this work, we propose a novel intrusion detection method, TGN-SVDD, which builds upon modern dynamic graph modelling and deep anomaly detection. We demonstrate its superiority over several baselines for realistic intrusion detection data and suggest a more challenging variant of the latter.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.