Skip to main navigation menu Skip to main content Skip to site footer

Articles

Vol. 11 No. 2 (2024): Instrumentation Volume 11 Issue 2

Hybrid Gaussian Network Intrusion Detection Method Based on CGAN and E-GraphSAGE

DOI
https://doi.org/10.15878/j.instr.202400165
Submitted
March 12, 2024
Published
2024-06-30

Abstract

The rapid development of the Internet of Things (IoT) and modern information technology has led to the emergence of new types of cyber-attacks. It poses a great potential danger to network security. Consequently, protecting against network attacks has become a pressing issue that requires urgent attention. It is crucial to find practical solutions to combat such malicious behavior. A network intrusion detection (NID) method, known as GMCE-GraphSAGE, was proposed to meet the detection demands of the current intricate network environment. Traffic data is mapped into gaussian distribution, which helps to ensure that subsequent models can effectively learn the features of traffic samples. The conditional generative adversarial network (CGAN) can generate attack samples based on specified labels to create balanced traffic datasets. In addition, we constructed a communication interaction graph based on the connection patterns of traffic nodes. The E-GraphSAGE is designed to capture both the topology and edge features of the traffic graph. From it, global behavioral information is combined with traffic features, providing a solid foundation for classifying and detecting. Experiments on the UNSW-NB15 dataset demonstrate the great detection advantage of the proposed method. Its binary and multi-classification F1-score can achieve 99.36% and 89.29%, respectively. The GMCE-GraphSAGE effectively improves the detection rate of minority class samples in the NID task.

Downloads

Download data is not yet available.