TY - GEN
T1 - Comparison of Interaction Profiling Bipartite Graph Mining and Graph Neural Network for Malware-Control Domain Detection
AU - Jeng, Tzung Han
AU - Chen, Chien Chih
AU - Tsai, Yu Lung
AU - Chen, Yi Ming
N1 - Publisher Copyright: © 2024 Copyright held by the owner/author(s). Publication rights licensed to ACM.
PY - 2024/5/22
Y1 - 2024/5/22
N2 - In the rapidly evolving realm of cybersecurity, the detection of malicious domains stands as a critical challenge. Traditional methodologies, reliant on expert-driven feature engineering, are increasingly strained against the dynamic tactics of cyber-criminals. This paper introduces a novel approach utilizing Graph Neural Networks (GNNs) to enhance the detection of malicious domains. By leveraging unsupervised representation learning techniques, such as Deep Graph Infomax, we transform network traffic data into graph data models, thereby reducing reliance on domain expert input for feature identification. Our method demonstrates marked improvements in domain name classification using real-world data. This research contrasts the new data-driven approach with traditional methods, highlighting its superior adaptability, reduced dependency on expert knowledge, and potential for broader application. The findings underscore the efficacy of GNNs in cybersecurity and open avenues for future research in applying advanced machine learning techniques to cyber threat detection.
AB - In the rapidly evolving realm of cybersecurity, the detection of malicious domains stands as a critical challenge. Traditional methodologies, reliant on expert-driven feature engineering, are increasingly strained against the dynamic tactics of cyber-criminals. This paper introduces a novel approach utilizing Graph Neural Networks (GNNs) to enhance the detection of malicious domains. By leveraging unsupervised representation learning techniques, such as Deep Graph Infomax, we transform network traffic data into graph data models, thereby reducing reliance on domain expert input for feature identification. Our method demonstrates marked improvements in domain name classification using real-world data. This research contrasts the new data-driven approach with traditional methods, highlighting its superior adaptability, reduced dependency on expert knowledge, and potential for broader application. The findings underscore the efficacy of GNNs in cybersecurity and open avenues for future research in applying advanced machine learning techniques to cyber threat detection.
KW - Cybersecurity
KW - Deep Graph Infomax
KW - Graph Neural Networks
KW - Malicious Domain Detection
KW - Network Traffic Analysis
KW - Unsupervised Learning
UR - http://www.scopus.com/inward/record.url?scp=85198755732&partnerID=8YFLogxK
U2 - 10.1145/3658549.3658552
DO - 10.1145/3658549.3658552
M3 - Conference contribution
AN - SCOPUS:85198755732
T3 - ACM International Conference Proceeding Series
SP - 12
EP - 19
BT - Proceedings of the 2024 International Conference on Information Technology, Data Science, and Optimization, I-DO 2024
PB - Association for Computing Machinery
T2 - 2024 International Conference on Information Technology, Data Science, and Optimization, I-DO 2024
Y2 - 22 May 2024 through 24 May 2024
ER -