Mr. Carlton Spivey Profile

Carlton Spivey

at United States Military Academy

SPIE Involvement:

Author

Publications (1)

This will count as one of your downloads.

You will have access to both the presentation and article (if available).

DOWNLOAD NOW

This content is available for download via your institution's subscription. To access this item, please sign in to your personal account.

Email or Username Forgot your username?

Password Forgot your password?

Show

Keep me signed in

No SPIE account? Create an account

Proceedings Article | 12 June 2023 Presentation + Paper

Graph representation learning for context-aware network intrusion detection

Augustine Premkumar, Madeleine Schneider, Carlton Spivey, John Pavlik, Nathaniel Bastian

Proceedings Volume 12538, 125380H (2023) https://doi.org/10.1117/12.2663162

KEYWORDS: Machine learning, Computer intrusion detection, Data modeling, Decision trees, Neural networks

Read Abstract +

Detecting malicious activity using a network intrusion detection system (NIDS) is an ongoing battle for the cyber defender. Increasingly, cyber-attacks are sophisticated and occur rapidly, necessitating the use of machine/deep learning (ML/DL) techniques for network intrusion detection. Traditional ML/DL techniques for NIDS classifiers, however, are often unable to sufficiently find context-driven similarities between the various network flows and/or packet captures. In this work, we leverage graph representation learning (GRL) techniques to successfully detect adversarial intrusions by exploiting the graph structure of NIDS data to derive context awareness, as graphs are a universal language for describing entities and their relationships. We explore several methods for NIDS data graph representation at both the network flow and packet level utilizing the CIC-IDS2017 dataset. We leverage graph neural networks and graph embedding algorithms to create a context-aware network intrusion detection system. Results indicate that adding context derived from GRL improves performance for detecting attacks. Our highest-scoring classifier incorporated both GNN embeddings and flow-level features and achieved an accuracy of 99.9%. Adding GRL methods to augment the flow/packet features improved accuracy by as much as 52.41%.

My Library

You currently do not have any folders to save your paper to! Create a new folder below.

Folder Name

Folder Description

View contact details

UPDATE YOUR PROFILE

Is this your profile? Update it now.

Sign into your SPIE.org account

Don’t have a profile and want one?

Create an account on SPIE.org

Access to the requested content is limited to institutions that have purchased or subscribe to SPIE eBooks. You are receiving this notice because your organization may not have SPIE eBooks access.*

*Shibboleth/Open Athens users─please sign in to access your institution's subscriptions.

To obtain this item, you may purchase the complete book in print or electronic format on SPIE.org.

ORGANIZATIONAL
Sign in with credentials provided by your organization.

Organizational Username

Organizational Password

Show/Hide Password

INSTITUTIONAL
Select your institution to access the SPIE Digital Library.

SELECT YOUR INSTITUTION

PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.

PERSONAL SIGN IN

No SPIE Account? Create one

PURCHASE THIS CONTENT

SUBSCRIBE TO DIGITAL LIBRARY

50 downloads per 1-year subscription

Members: $195

Non-members: $335 ADD TO CART

25 downloads per 1 - year subscription

Members: $145

Non-members: $250 ADD TO CART

PURCHASE SINGLE ARTICLE

Includes PDF, HTML & Video, when available

Members:

Non-members: ADD TO CART

Keywords/Phrases

Search In:

Publication Years