DeepGFL: Deep Feature Learning via Graph for Attack Detection on Flow-based Network Traffic
Published in Milcom IEEE, 2018
Recommended citation: Yepeng Yao, Liya Su, Zhigang Lu: DeepGFL: Deep Feature Learning via Graph for Attack Detection on Flow-based Network Traffic[C]//2018 Milcom. IEEE, 2018: 579-584. https://ieeexplore.ieee.org/document/8599821
Recommended citation: Yepeng Yao, Liya Su, Zhigang Lu: DeepGFL: Deep Feature Learning via Graph for Attack Detection on Flow-based Network Traffic[C]//2018 Milcom. IEEE, 2018: 579-584.
Abstract
The ability to mine structurally complex and latent relationship among network flows has become the focus of many initiatives. Learning graph representation for network attack detection has become a critical issue which is an across-network machine learning task. However, the challenge of effectively representing graph for network traffic is unmet yet, especially for detecting various threat patterns which is modeled as attributed graph. In the same time, existing methods could not capture higher-order subgraph structures. For these reasons, we propose a new way to model network graph called Deep Graph Feature Learning (DeepGFL) for network attack detection to solve this problem. DeepGFL is a framework studying deep features from attributed network flow graph. We automatically generalize higher-order features from base features obtained from attributed graphs and then implement network attack detection. We evaluate the proposed framework with base features threat detection on a real world datasets. Experimental results show that DeepGFL is more effective, more accurate and more space efficient for network attack detection.