4 research outputs found
E-GraphSAGE: A Graph Neural Network based Intrusion Detection System for IoT
This paper presents a new Network Intrusion Detection System (NIDS) based on
Graph Neural Networks (GNNs). GNNs are a relatively new sub-field of deep
neural networks, which can leverage the inherent structure of graph-based data.
Training and evaluation data for NIDSs are typically represented as flow
records, which can naturally be represented in a graph format. This establishes
the potential and motivation for exploring GNNs for network intrusion
detection, which is the focus of this paper. Current studies on machine
learning-based NIDSs only consider the network flows independently rather than
taking their interconnected patterns into consideration. This is the key
limitation in the detection of sophisticated IoT network attacks such as DDoS
and distributed port scan attacks launched by IoT devices. In this paper, we
propose \mbox{E-GraphSAGE}, a GNN approach that overcomes this limitation and
allows capturing both the edge features of a graph as well as the topological
information for network anomaly detection in IoT networks. To the best of our
knowledge, our approach is the first successful, practical, and extensively
evaluated approach of applying Graph Neural Networks on the problem of network
intrusion detection for IoT using flow-based data. Our extensive experimental
evaluation on four recent NIDS benchmark datasets shows that our approach
outperforms the state-of-the-art in terms of key classification metrics, which
demonstrates the potential of GNNs in network intrusion detection, and provides
motivation for further research.Comment: 9 pages, 5 figures, 6 table
Heterogeneous Graph Neural Networks for Fraud Detection and Explanation in Supply Chain Finance
It is a critical mission for financial service providers to discover fraudulent borrowers in a supply chain. The borrowers’ transactions in anongoing business are inspected to support the providers’ decision on whether to lend the money. Considering multiple participants in a supply chain business, the borrowers may use sophisticated tricks to cheat, making fraud detection challenging. In this work, we propose a multitask learning framework, MultiFraud, for complex fraud detection with reasonable explanation. The heterogeneous information from multi-view around the entities is leveraged in the detection framework based on heterogeneous graph neural networks. MultiFraud enables multiple domains to share embeddings and enhance modeling capabilities for fraud detection. The developed explainer provides comprehensive explanations across multiple graphs. Experimental results on five datasets demonstrate the framework’s effectiveness in fraud detection and explanation across domains