Prediction and graph visualization of cyber attacks using graph attention networks

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security Pub Date : 2025-05-26 DOI:10.1016/j.cose.2025.104534

Mucahit Soylu , Resul Das

{"title":"Prediction and graph visualization of cyber attacks using graph attention networks","authors":"Mucahit Soylu , Resul Das","doi":"10.1016/j.cose.2025.104534","DOIUrl":null,"url":null,"abstract":"<div><div>This study proposes a hybrid approach for visualizing cyberattacks by combining the deep learning-based GAT model with JavaScript-based graph visualization tools. The model processes large, heterogeneous data from the UNSW-NB15 dataset to generate dynamic and meaningful graphs. In the data cleaning phase, missing and erroneous data were removed, unnecessary columns were discarded, and the data was transformed into a format suitable for modeling. Then, the data was converted into homogeneous graphs, and heterogeneous structures were created for analysis using the GAT model. GAT prioritizes relationships between nodes in the graph with an attention mechanism, effectively detecting attack patterns. The analyzed data was then converted into interactive graphs using tools like SigmaJS, with attacks between the same nodes grouped to reduce graph complexity. Users can explore these dynamic graphs in detail, examine attack types, and track events over time. This approach significantly benefits cybersecurity professionals, allowing them to better understand, track, and develop defense strategies against cyberattacks.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"157 ","pages":"Article 104534"},"PeriodicalIF":5.4000,"publicationDate":"2025-05-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404825002238","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

This study proposes a hybrid approach for visualizing cyberattacks by combining the deep learning-based GAT model with JavaScript-based graph visualization tools. The model processes large, heterogeneous data from the UNSW-NB15 dataset to generate dynamic and meaningful graphs. In the data cleaning phase, missing and erroneous data were removed, unnecessary columns were discarded, and the data was transformed into a format suitable for modeling. Then, the data was converted into homogeneous graphs, and heterogeneous structures were created for analysis using the GAT model. GAT prioritizes relationships between nodes in the graph with an attention mechanism, effectively detecting attack patterns. The analyzed data was then converted into interactive graphs using tools like SigmaJS, with attacks between the same nodes grouped to reduce graph complexity. Users can explore these dynamic graphs in detail, examine attack types, and track events over time. This approach significantly benefits cybersecurity professionals, allowing them to better understand, track, and develop defense strategies against cyberattacks.

查看原文本刊更多论文

基于图注意网络的网络攻击预测与图可视化

本研究通过将基于深度学习的GAT模型与基于javascript的图形可视化工具相结合，提出了一种用于可视化网络攻击的混合方法。该模型处理来自UNSW-NB15数据集的大量异构数据，生成动态且有意义的图形。在数据清理阶段，删除缺失和错误的数据，丢弃不必要的列，并将数据转换为适合建模的格式。然后，将数据转换为同构图，并利用GAT模型创建异构结构进行分析。GAT通过注意机制对图中节点之间的关系进行优先级排序，有效地检测攻击模式。然后使用SigmaJS等工具将分析的数据转换为交互式图形，将相同节点之间的攻击分组以降低图形的复杂性。用户可以详细探索这些动态图，检查攻击类型，并跟踪一段时间内的事件。这种方法极大地有利于网络安全专业人员，使他们能够更好地理解、跟踪和制定针对网络攻击的防御策略。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.