International Conference on Computer and Knowledge Engineering

Home / 13th International Conference on Computer and Knowledge Engineering

An Analysis of Botnet Detection Using Graph Neural Network

Authors :

Faezeh Alizadeh¹ Mohammad Khansari²

1- دانشگاه تهران 2- university of tehran

Keywords :

Botnet detection،GNN،Power Law،adversarial behavior

Abstract :

The use of artificial intelligence, especially Graph Neural Network (GNN), in solving cyber security issues brings challenges. We address three challenges of GNN for botnet detection. The first is the explainability problem. The nature signature, from the statistical distribution point of view, is the power-law distribution. The question is that for the cyber security modeling is it true or not and what is the impact of this issue on the GGN-based modeling of cyber security systems. The second is the complexity of computation. Embedding graph has a large amount of information, and its training requires a lot of time. Extracting the smaller number of features from the real environment and considering the context can help reduce the computation. The third is the robustness of the model against the mutation behavior of the attacker. Compared to machine learning methods, GNN can be generalized to address behaviors they have not seen before. GNN considers not only individual entity characteristics, but also the relationships between them. According to the data of the real environment, the detection of the botnet has been done so that the computation has been reduced while maintaining the accuracy.