Exploiting Redundancy in Network Flow Information for Efficient Security Attack Detection

  • Conference paper
Network and System Security (NSS 2022)

Abstract

Securing communication networks has become increasingly important due to the growth in cybersecurity attacks, such as ransomware and denial of service attacks. In order to better observe, detect and track attacks in large networks, accurate and efficient anomaly detection algorithms are needed. In this paper, we address how the redundancy of the normal and attack traffic information available from network flow data can be exploited to develop a computationally efficient method for security attack detection. In this work, several sampling strategies are integrated with two graph neural network frameworks that have been employed to detect network attacks with reduced computational overhead, while achieving high detection accuracy. Using network flow data from several types of networks, such as Internet of Things data, the trade-off between model accuracy and computational efficiency for different attacks has been evaluated.

Author information

Correspondence to Siqi Xia.

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this paper

Xia, S., Rajasegarar, S., Leckie, C., Erfani, S.M., Chan, J. (2022). Exploiting Redundancy in Network Flow Information for Efficient Security Attack Detection. In: Yuan, X., Bai, G., Alcaraz, C., Majumdar, S. (eds) Network and System Security. NSS 2022. Lecture Notes in Computer Science, vol 13787. Springer, Cham. https://doi.org/10.1007/978-3-031-23020-2_6

  • DOI: https://doi.org/10.1007/978-3-031-23020-2_6

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-23019-6

  • Online ISBN: 978-3-031-23020-2

  • eBook Packages: Computer Science, Computer Science (R0)
