The rapid development of the Internet of Things (IoT) and modern information technology has led to the emergence of new types of cyber-attacks. It poses a great potential danger to network security. Consequently, protecting against network attacks has become a pressing issue that requires urgent attention. It is crucial to find practical solutions to combat such malicious behavior. A network intrusion detection (NID) method, known as GMCE-GraphSAGE, was proposed to meet the detection demands of the current intricate network environment. Traffic data is mapped into gaussian distribution, which helps to ensure that subsequent models can effectively learn the features of traffic samples. The conditional generative adversarial network (CGAN) can generate attack samples based on specified labels to create balanced traffic datasets. In addition, we constructed a communication interaction graph based on the connection patterns of traffic nodes. The E-GraphSAGE is designed to capture both the topology and edge features of the traffic graph. From it, global behavioral information is combined with traffic features, providing a solid foundation for classifying and detecting. Experiments on the UNSW-NB15 dataset demonstrate the great detection advantage of the proposed method. Its binary and multi-classification F1-score can achieve 99.36% and 89.29%, respectively. The GMCE-GraphSAGE effectively improves the detection rate of minority class samples in the NID task.
You may also start an advanced similarity search for this article.