Proceedings of the Annual Conference of JSAI
Online ISSN : 2758-7347
38th (2024)
Session ID : 4Xin2-40
Conference information

GNN-based Anomaly Traffic Detection using Continuous Graph Considering Functional Transitions of Flow Data
*Yusuke AKIMOTONorihiro OKUIAyumu KUBOTATakuya YOSHIDA
Author information
CONFERENCE PROCEEDINGS FREE ACCESS

Details
Abstract

As more and more IoT devices are connected to the network, countermeasures against cyber-attacks against IoT devices have become an important issue. Recently, Graph Neural Network (GNN)-based methods have been proposed to detect malware-infected IoT devices. Compared to conventional methods that use only statistical information, GNN-based methods can take into account various communication relationships, such as communication paths, communication order, and functional coherence. On the other hand, most of the previous studies are based on static graphs over a specific period of time and fail to take into account changes in communication over time. In reality, most communication data changes with time, and a method that can handle dynamically changing communication is required. We propose a new anomaly detection method for dynamic graphs that represent the order and functional coherence of communications. By using a dynamic graph called Continuous Graph, we can handle a large amount of communication data with a low computational cost. Experiments were conducted on public datasets to evaluate the accuracy of the proposed method, and its effectiveness was confirmed.

Content from these authors
© 2024 The Japanese Society for Artificial Intelligence
Previous article Next article
feedback
Top