
Original scientific paper

https://doi.org/10.20532/cit.2023.1005776

Enhanced Network Security Protection through Data Analysis and Machine Learning: An Application of GraphSAGE for Anomaly Detection and Operational Intelligence

Yujing Lu ; Shijiazhuang College of Applied Technology, Shijiazhuang, China *

* Corresponding author.



page 233-250



Abstract

With the Internet's rapid expansion, network security challenges have become increasingly complex and prominent. Traditional protection methods, largely dependent on predefined rules and patterns, demonstrate limited effectiveness against sophisticated and unknown network attacks, failing to harness the full potential of extensive network data. This study addresses the challenges faced by modern cybersecurity, particularly the limitations of traditional defense methods in countering unknown and complex attacks, by proposing a solution that integrates data analysis and machine learning technologies. The focus of this research is placed on network security anomaly detection as well as on intelligent network operations and maintenance exception management based on graph network algorithms, aiming to enhance security defense capabilities and operational efficiency. Specifically, the main contributions and innovations of this paper include: 1. Innovations in sampling, aggregation, and loss functions within the Graph Sample and Aggregation (GraphSAGE) model to improve the accuracy and robustness of the model for network anomaly detection; 2. The introduction of a novel network anomaly root cause analysis and localization model, which, combined with an optimized root cause likelihood assessment method and search scheme, significantly enhances the speed and accuracy of anomaly localization; 3. The design of an integrated decision support system that can automatically adjust protection strategies as network conditions change, achieving a high level of automation and intelligence in cybersecurity management. This work not only provides effective technical support for network security protection but also opens new avenues for future cybersecurity research.

Keywords

network security; data analysis; machine learning; graph network algorithms; anomaly detection; operational intelligence; anomaly control; Graph Sample and Aggregation (GraphSAGE) model

Hrčak ID: 317642

URI: https://hrcak.srce.hr/317642

Publication date: 28.5.2024.
