Abstract
Securing communication networks has become increasingly important due to the growth in cybersecurity attacks, such as ransomware and denial of service attacks. To better observe, detect and track attacks in large networks, accurate and efficient anomaly detection algorithms are needed. In this paper, we address how the redundancy of the normal and attack traffic information available from network flow data can be exploited to develop a computationally efficient method for security attack detection. Several sampling strategies are integrated with two graph neural network frameworks that have been employed to detect network attacks, reducing computational overhead while achieving high detection accuracy. Using network flow data from several types of networks, such as Internet of Things data, we evaluate the trade-off between model accuracy and computational efficiency for different attacks.
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Xia, S., Rajasegarar, S., Leckie, C., Erfani, S.M., Chan, J. (2022). Exploiting Redundancy in Network Flow Information for Efficient Security Attack Detection. In: Yuan, X., Bai, G., Alcaraz, C., Majumdar, S. (eds) Network and System Security. NSS 2022. Lecture Notes in Computer Science, vol 13787. Springer, Cham. https://doi.org/10.1007/978-3-031-23020-2_6
DOI: https://doi.org/10.1007/978-3-031-23020-2_6
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-23019-6
Online ISBN: 978-3-031-23020-2
eBook Packages: Computer Science, Computer Science (R0)