3D-IDS: Doubly Disentangled Dynamic Intrusion Detection

Qiu, Chenyang; Geng, Y. M.; Lu, Junrui; Chen, Kaida; Zhu, Shiqun; Su, Yaxin; Nan, Guoshun; Zhang, Can; Fu, Junsong; Cui, Qimei; Tao, Xiaofeng

doi:10.1145/3580305.3599238

Proceedings of the 29th ACM SIGKDD Conference on Knowledge Discovery and Data Mining 2023

DOI: 10.1145/3580305.3599238

|View full text |Cite

3D-IDS: Doubly Disentangled Dynamic Intrusion Detection

Chenyang Qiu

Y. M. Geng

Junrui Lu

et al.

Abstract: Network-based intrusion detection system (NIDS) monitors network traffic for malicious activities, forming the frontline defense against increasing attacks over information infrastructures. Although promising, our quantitative analysis shows that existing methods perform inconsistently in declaring various unknown attacks (e.g., 9% and 35% F1 respectively for two distinct unknown threats for an SVM-based method) or detecting diverse known attacks (e.g., 31% F1 for the Backdoor and 93% F1 for DDoS by a GCN-base… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...

Citation Types

Supporting

Mentioning

Contrasting

Year Published

2023

2024

Publication Types

Select...

Other3

Relationship

Self Cite0

Independent3

Authors

Journals

Cited by 3 publications

References 67 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

Channel-Centric Spatio-Temporal Graph Networks for Network-based Intrusion Detection

Escriche,

Nyberg,

Kim

et al. 2024

2024 IEEE Conference on Communications and Network Security (CNS)

View full text Add to dashboard Cite

The increasing threat that cyberattacks pose to critical digital infrastructures requires the definition of methods that can reliably detect or prevent them in the face of their escalating complexity and frequency. In this thesis, we study a widespread type of cyberattack, namely network intrusion attacks, and provide a detailed exploration of existing machine learning-based systems designed for their detection, primarily focusing our study on recently proposed systems that provide high classification performance across multiple datasets. A common aspect of the studied methods is that they apply Graph Neural Networks (GNNs), which they frequently define to consider an explicit representation of the temporal aspects associated with the network data. The first contribution of this thesis is a description of potential limitations of the considered methods concerning their graph and temporal representations, which leads us to propose alternative formulations that aim to avoid those limitations. As a result, we introduce a novel architecture, namely Channel-Centric Spatio-Temporal Graph Networks (CCSTGN), which builds on the previously introduced alternative representations and is designed in order to allow its consideration in different applications of network analysis, thus not being restricted to network-intrusion detection. Another contribution of this thesis is the presentation of a comprehensive data preprocessing procedure, which identifies and builds up on other potential limitations of previous approaches. Lastly, we present a detailed experimental evaluation of our proposed CCSTGN architecture using different learning strategies, from which we conclude that our proposal is able to outperform multiple existing GNN-based methods according to various classification metrics and that the data preprocessing procedure is of significant importance for the performance of the models.

show abstract

Channel-Centric Spatio-Temporal Graph Networks for Network-based Intrusion Detection

Escriche,

Nyberg,

Kim

et al. 2024

2024 IEEE Conference on Communications and Network Security (CNS)

View full text Add to dashboard Cite

show abstract

How ground-truth label helps link prediction in heterogeneous graphs

Xiong,

Qiu,

Zhang

2023

Proceedings of the 2023 2nd International Conference on Algorithms, Data Mining, and Information Technology

View full text Add to dashboard Cite

ReCDA: Concept Drift Adaptation with Representation Enhancement for Network Intrusion Detection

Yang,

Zheng,

et al. 2024

Proceedings of the 30th ACM SIGKDD Conference on Knowledge Discovery and Data Mining

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

3D-IDS: Doubly Disentangled Dynamic Intrusion Detection

Cited by 3 publications

References 67 publications

Channel-Centric Spatio-Temporal Graph Networks for Network-based Intrusion Detection

Channel-Centric Spatio-Temporal Graph Networks for Network-based Intrusion Detection

How ground-truth label helps link prediction in heterogeneous graphs

ReCDA: Concept Drift Adaptation with Representation Enhancement for Network Intrusion Detection

Contact Info

Product

Resources

About