A novel graph convolutional networks model for an intelligent network traffic analysis and classification

Abstract

Network security in the midst of evolving and complex cyber-attacks is a growing concern. As the complexity of network architectures grows, so does the need for advanced methods in network traffic analysis and classification. This study explores the application of a novel Graph Convolutional Networks (GCNs) to address the challenges associated with intelligent network traffic analysis. The network interactions are modeled as a graph, where nodes represent devices or IP addresses, and edges capture the communication channels between them. In this work, dataset which contains packet information of some network devices was obtained from an online repository. The data was preprocessed, normalized and label-encoded. Seven baseline models, including Feed Forward Network (FFN) were developed as reference to the proposed GCN. The parameters were tuned to optimize the performance and the dataset was split into average train-test to avoid overfitting. Two convolutional fully-connected layers were used also as more could cause oversmoothing. Performance of the novel GCN was compared with the reference models. The improved GCN model gave classification accuracy of 94.3% compared to classical GCN with 92.5% and FFN with 88%. Results also showed that the enhanced GCN proposed in this study outperformed the classical GCN and FFN in precision, recall, F1 score and area under curve metrics. Through the utilization of a GCN architecture and proposed enhancements, the proposed model demonstrates notable effectiveness in accurately classifying diverse types of network traffic. This research showed the efficacy of GCNs in intelligent network traffic analysis, offering a promising approach to augmenting cybersecurity efforts in an evolving digital landscape.