請用此 Handle URI 來引用此文件:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/88015
標題: | 基於圖神經網路之新型網路入侵檢測: E-SageGAT架構與集成框架 A novel GNN-based Network Intrusion Detection using Ensemble Framework and E-SageGAT Architecture |
作者: | 劉家銘 Chia-Ming Liu |
指導教授: | 蔡政安 Chen-An Tsai |
關鍵字: | 圖神經網路,集成學習,網路入侵檢測,網路安全, Graph Neural Networks,Ensemble learning,Network Intrusion Detection,Cyber Security, |
出版年 : | 2023 |
學位: | 碩士 |
摘要: | 本研究旨在解決偵測網絡入侵的挑戰性任務,以應對日益複雜和精密的網絡攻擊。儘管傳統機器學習方法已廣泛應用於網絡攻擊檢測並取得了可觀的成果,但對於網絡流量數據的內在拓撲結構卻鮮有研究。因此,我們提出了一個基於圖神經網絡(GNN)的新型集成學習框架Ensemble-GNN以及一種具有創新性的模型架構E-SageGAT,該模型在圖的邊層級應用了自注意力機制,使得模型更能夠彈性地聚合鄰居訊息。這些創新性的貢獻有助於挖掘網絡結構信息和流量相關性,從而提高檢測惡意活動的準確性。在應用於三個基準數據集時,隨機指派節點導致節我們的方法在加權F1分數上比現有方法(E-GraphSAGE / E-ResGAT / XGBoost)提高了1-2%,而集成學習框架則進一步提高了2-3%的性能。另外透過保留原始拓撲結構並將網絡數據包流量表格數據轉換為多向圖,我們提出的方法準確地揭示了潛在的網絡流量結構,為網絡入侵檢測領域的重大進步奠定了基礎。
關鍵詞:圖神經網絡、集成學習、網絡入侵檢測、網絡安全 This work aims to addresses the challenging tasks for robust Network Intrusion Detection Systems (NIDS) capable of tackling increasingly sophisticated and complex cyberattacks. Although the conventional machine learning methods have been widely applied to cyberattack detections and show promising results, little attention has been given to the inherent topological structure of network flow data. Therefore, we present a novel ensemble framework for Graph Neural Networks (GNN) and a revolutionary model architecture, E-SageGAT, which applies self-attention mechanisms at the edge level of graphs. These innovative contributions empower the exploration of the structural information of networks and traffic correlations, thereby enhancing the accuracy of detecting malicious activities. When applied to three benchmark datasets, our approach outperforms existing methods (E-GraphSAGE/E-ResGAT/XGBoost) with a 1-2% improvement in weighted F1-score, while the ensemble framework further improves performance by 2-3%. By retaining the original topological structure and transforming network packet flow tabular data into multi-directed graphs, our proposed methods accurately reveal the latent network flow structures and set the stage for significant progress in the field of network intrusion detection. Keywords: Graph Neural Networks, Ensemble learning, Network Intrusion Detection, Cyber Security |
URI: | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/88015 |
DOI: | 10.6342/NTU202301354 |
全文授權: | 同意授權(限校園內公開) |
顯示於系所單位: | 統計碩士學位學程 |
文件中的檔案:
檔案 | 大小 | 格式 | |
---|---|---|---|
ntu-111-2.pdf 目前未授權公開取用 | 1.69 MB | Adobe PDF | 檢視/開啟 |
系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。