A Graph Construction Method for Anomalous Traffic Detection with Graph Neural Networks Using Sets of Flow Data.

With the spread of Internet of Things (IoT) devices, countermeasures against cyber-attacks have become an issue. In this study, we focused on anomaly detection using flow data, which can reduce the data volume, and proposed a new anomaly detection method that combines a new graph composition method that represents a sequence of flow data as a graph and a graph neural network (GNN). Various detection methods, including deep learning, have been proposed for identifying malware such as denial-of-service (DoS) attacks, in which the characteristics of traffic deviate significantly from those of benign communications. We conducted an evaluation experiment with the proposed method using the KDDI-IoT-2019 dataset and discussed its effectiveness and limitations.