The sheer scale of cyber-attacks has exposed the shortcomings of conventional intrusion detection systems (IDS), prompting the development of new and sophisticated methods that can model complex traffic patterns. This work focuses on enhancing proactive anomaly detection using graph convolutional networks (GCNs) in conjunction with classical machine learning techniques. Two models are proposed: a GCN autoencoder (GCN-AE) for unsupervised anomaly detection and a GCN-k-nearest neighbours model (GCN-KNN) for supervised intrusion classification. The UNSW-NB15 dataset, consisting of 700,000 instances and 49 features, was pre-processed by scaling the features, encoding labels, and converting categorical variables into one-hot encodings. To reduce class bias, a balanced subset of 22,000 anomalies and 22,000 non-anomalies was then generated. Graph structures were used to encode node-to-node relationships, and both models were implemented in Keras-TensorFlow with hyperparameter optimization. Experimental results show that GCN-AE performed moderately (accuracy 52.86%, precision 81.48%, recall 7.96%, F1-score 14.51%), while GCN-KNN performed exceptionally well (accuracy 99.94%, precision 99.90%, recall 99.97%, F1-score 99.93%) with an AUC of 0.99 and extremely few false positives. Overall, this study demonstrates that graph-based learning, particularly GCN-KNN, offers a robust and classical framework for detecting intrusions. The proposed solution is capable of detecting various threats, including DoS, port scanning, and data exfiltration, which makes it promising for deployment in a multilayer network infrastructure.
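To make the GCN-KNN pipeline described above concrete, the following pure-Python example (added here; it is not the paper's Keras-TensorFlow code) scales constructed flow records, links each flow to its nearest neighbours to form the graph, applies one parameter-free GCN propagation step (symmetric normalisation with self-loops, no trained weight matrix), classifies unlabelled nodes by KNN vote over the propagated features, and reports the four metrics the abstract quotes. The twelve flow records, the 3-NN graph and the train/test split are all assumptions made for the illustration.

```python
import math
from collections import Counter

# Constructed, class-balanced flow records (duration_s, bytes, packets); label 1 = attack, 0 = normal.
X_RAW = [(0.5, 300, 4), (0.8, 420, 6), (0.6, 350, 5), (0.4, 280, 3), (0.7, 390, 5), (0.9, 450, 6),
         (0.1, 5000, 80), (0.05, 6200, 95), (0.2, 5500, 88), (0.08, 6000, 92), (0.15, 5800, 90), (0.12, 6400, 97)]
Y = [0] * 6 + [1] * 6
TRAIN, TEST = [0, 1, 2, 3, 6, 7, 8, 9], [4, 5, 10, 11]  # labelled nodes / nodes to classify

def min_max_scale(rows):
    """Per-feature min-max scaling to [0, 1], as in the preprocessing step."""
    lo, hi = [min(c) for c in zip(*rows)], [max(c) for c in zip(*rows)]
    return [[(v - l) / (h - l) if h > l else 0.0 for v, l, h in zip(r, lo, hi)] for r in rows]

def dist(a, b):
    return math.sqrt(sum((p - q) ** 2 for p, q in zip(a, b)))

def knn_graph(X, k):
    """Edges from each node to its k nearest neighbours in feature space (made undirected)."""
    nbrs = [set() for _ in X]
    for i in range(len(X)):
        for j in sorted((j for j in range(len(X)) if j != i), key=lambda j: dist(X[i], X[j]))[:k]:
            nbrs[i].add(j); nbrs[j].add(i)
    return nbrs

def gcn_propagate(X, nbrs):
    """One parameter-free GCN layer: H = D^-1/2 (A + I) D^-1/2 X, self-loops included."""
    deg, H = [len(n) + 1 for n in nbrs], []
    for i in range(len(X)):
        acc = [v / deg[i] for v in X[i]]  # self-loop term, weight 1/sqrt(d_i * d_i)
        for j in nbrs[i]:
            acc = [a + v / math.sqrt(deg[i] * deg[j]) for a, v in zip(acc, X[j])]
        H.append(acc)
    return H

def knn_classify(H, y, train, test, k):
    # Majority vote among the k nearest labelled nodes in the propagated feature space.
    return [Counter(y[i] for i in sorted(train, key=lambda i: dist(H[t], H[i]))[:k]).most_common(1)[0][0]
            for t in test]

def metrics(y_true, y_pred):
    pairs = list(zip(y_true, y_pred))
    tp, fp, fn = (sum(1 for t, p in pairs if (t, p) == c) for c in [(1, 1), (0, 1), (1, 0)])
    prec, rec = tp / (tp + fp or 1), tp / (tp + fn or 1)
    return {"accuracy": sum(t == p for t, p in pairs) / len(pairs), "precision": prec,
            "recall": rec, "f1": 2 * prec * rec / ((prec + rec) or 1)}

def run_gcn_knn(k_graph=3, k_vote=3):
    X = min_max_scale(X_RAW)
    H = gcn_propagate(X, knn_graph(X, k_graph))  # graph spans train and test nodes (transductive)
    preds = knn_classify(H, Y, TRAIN, TEST, k_vote)
    return metrics([Y[t] for t in TEST], preds)
```

Because the constructed flows form two well-separated clusters, every test node is classified correctly; on real traffic the graph construction and the choice of k are what decide how much neighbour context helps or hurts.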
Title: Enhancing network intrusion detection using graph convolutional networks fused with traditional systems

Publication details: International Journal of Data Science and Analytics, Vol. 21(1), 31