Graph Neural Networks for Robust AI/ML-driven Network Security Applications – GRAPHS4SEC

The application of Artificial Intelligence (AI) and Machine Learning (ML) to network security (AI4SEC) is paramount against cybercrime. While AI/ML is mainstream in domains such as computer vision and natural language processing, traditional AI/ML has produced below-par results in AI4SEC. Solutions do not properly generalize, are ineffective in real deployments, and are vulnerable to adversarial attacks. A fundamental limitation is the lack of AI/ML technology specific to network security.

Due to their unique ability to learn and generalize over graph-structured information, graph-learning approaches, and in particular Graph Neural Networks (GNNs), have recently enabled groundbreaking applications in multiple fields where data are generally represented as graphs. Network security data are intrinsically relational, and initial research suggests that graph-structured representations and GNNs have the potential to become foundational to AI4SEC, in the way convolutional and recursive networks were to computer vision and natural language processing.

The goal of GRAPHS4SEC is to leverage graph data representations and modern GNN technology to conceive a new breed of robust GNN-based network security methods which could radically advance the AI4SEC practice. The objectives of GRAPHS4SEC are: (a) to investigate algorithmic methods that facilitate modeling and learning from graph-based network security data; (b) to compare the benefits and overheads of GNN-based AI4SEC to traditional AI/ML in terms of detection performance, generalization, scalability, and robustness against adversarial attacks; (c) to showcase the benefits and improvements of GRAPHS4SEC technology in four critical, real-world network security applications with significant impact for society, considering (in particular) the detection and early mitigation of phishing and fake/malicious websites, a threat among the most popular and society-wide harmful in today’s Internet.

As a decentralized and distributed system, the Internet and the plethora of applications it serves are today critical infrastructure permeating all aspects of modern society. The security of the network infrastructure and the most relevant Internet services is a top priority for the security research community, and novel solutions to ensuring privacy and security are needed in the race against cyber-crime.

GRAPHS4SEC addresses this need regarding the following expected impact of the call:

1 – Develops self-aware, AI-driven cybersecurity systems to identify and adapt to new threat vectors.

2 – Designs hybrid software-hardware security solutions, by integrating novel AI/GNN based detection systems into sophisticated softwarized packet processing technologies and Programmable Data Planes.

3 – Uses the produced technology to tackle advanced cyber-security use cases involving AI-driven cyber attackers.

4 – Advances the state of the art in the boundaries between network security and graph-based machine learning, strengthening the research community around the proposed challenges.

The strategic goal of the GRAPHS4SEC project is to address the fundamental problems limiting the broad adoption and success of AI/ML in cybersecurity applications. empowering the cybersecurity practice with novel AI/ML tools, adapted to distributed systems.