A Benchmark of Graph Augmentations for Contrastive Learning-Based Network Attack Detection with Graph Neural Networks
Résumé
Graph Neural Networks (GNNs) have recently emerged as powerful tools for detecting network attacks, due to their ability to capture complex relationships between hosts. However, acquiring labeled datasets in the cybersecurity domain is challenging. Consequently, efforts are directed towards learning representations directly from data using self-supervised approaches. In this study, we focus on contrastive methods that aim to maximize agreement between the original graph and positive graph augmentations, while minimizing agreement with negative graph augmentations. Our goal is to benchmark 10 augmentation techniques and provide more efficient augmentations for network data. We systematically evaluate 100 pairs of positive and negative graphs and present our findings in a table, highlighting the best-performing techniques. In particular, the experiments demonstrate that leveraging topological and attributive augmentations in the positive and negative graph generally improves performance, with up to 1.8\% and 2.2\% improvement in F1-score on two different datasets. The analysis further showcases the intrinsic connection between the performance of graph augmentations and the underlying data, highlighting the need for careful prior selection to achieve optimal results.
Fichier principal
A_Benchmark_of_Graph_Augmentations_for_Contrastive_Learning_Based_Network_Attack_Detection_with_Graph_Neural_Networks.pdf (182.21 Ko)
Télécharger le fichier
Origine | Fichiers produits par l'(les) auteur(s) |
---|