Conference papers

Novelty detection on graph structured data to detect network intrusions

Abstract : It is difficult to detect new types of attacks in heterogeneous and scalable networks in time without generating too many false alarms. While supervised anomaly detection techniques are often used to that end, security experts generally do not have labeled datasets. Unsupervised learning, which does not require labeled data, should therefore be preferred. With sec2graph [4], we introduced a representation of security events in the form of a graph linking what we defined as security objects, and proposed a method for anomaly detection based on auto-encoders. This representation allows a rich description of the events that are analyzed. In this paper, we apply our approach to the CICIDS2018 dataset and show that our method outperforms classical event modeling and anomaly detection approaches.
Contributor : Ludovic Mé
Submitted on : Monday, February 15, 2021 - 4:12:33 PM
Last modification on : Wednesday, November 3, 2021 - 8:14:41 AM
Long-term archiving on : Sunday, May 16, 2021 - 7:49:56 PM




  • HAL Id : hal-03115308, version 1


Laetitia Leichtnam, Eric Totel, Nicolas Prigent, Ludovic Mé. Novelty detection on graph structured data to detect network intrusions. CAID 2020 - Conference on Artificial Intelligence for Defense, Dec 2020, Virtual, France. ⟨hal-03115308⟩


