The application of Artificial Intelligence (AI) and Machine Learning (ML) to network security (AI4SEC) is paramount against cybercrime. While AI/ML is mainstream in domains such as computer vision and natural language processing, traditional AI/ML has produced below-par results in AI4SEC. Solutions do not properly generalize, are ineffective in real deployments, and are vulnerable to adversarial attacks. A fundamental limitation is the lack of AI/ML technology specific to network security.
Due to their unique ability to learn and generalize over graph-structured information, graph-learning approaches, and in particular Graph Neural Networks (GNNs), have recently enabled groundbreaking applications in multiple fields where data are generally represented as graphs. Network security data are intrinsically relational, and initial research suggests that graph-structured representations and GNNs have the potential to become foundational to AI4SEC, in the way convolutional and recursive networks were to computer vision and natural language processing.
The goal of GRAPHS4SEC is to leverage graph data representations and modern GNN technology to conceive a new breed of robust GNN-based network security methods which could radically advance the AI4SEC practice. The objectives of GRAPHS4SEC are: (a) to investigate algorithmic methods that facilitate modeling and learning from graph-based network security data; (b) to compare the benefits and overheads of GNN-based AI4SEC to traditional AI/ML in terms of detection performance, generalization, scalability, and robustness against adversarial attacks; (c) to showcase the benefits and improvements of GRAPHS4SEC technology in four critical, real-world network security applications with significant impact for society, considering (in particular) the detection and early mitigation of phishing and fake/malicious websites, a threat among the most popular and society-wide harmful in today’s Internet.
As a decentralized and distributed system, the Internet and the plethora of applications it serves are today critical infrastructure permeating all aspects of modern society. The security of the network infrastructure and the most relevant Internet services is a top priority for the security research community, and novel solutions to ensuring privacy and security are needed in the race against cyber-crime.
Start date: (36 months)
Funding support: 1190897 €
Project partners
- Austrian Institute of Technology - Austria (coordinator)
- Universitat Politècnica de Catalunya - Spain
- KOR Labs SAS - France
- Conservatoire national des arts et métiers - France
- Imperial College London - United Kingdom