计算机工程与科学2025,Vol.47Issue(3):459-471,13.DOI:10.3969/j.issn.1007-130X.2025.03.008
一种基于图热核扩散卷积的网络入侵检测方法
A network intrusion detection method based on graph heat kernel diffusion convolution
摘要
Abstract
Network intrusion detection is a crucial means of protecting computing resources and data from cyber-attacks.In recent years,the methods based on deep learning have made significant progress for intrusion detection.However,challenges remain,such as effective feature extraction and over-reliance on manually annotated data.To address these issues,a semi-supervised intrusion detection method based on graph heat kernel diffusion convolution is proposed.The method builds the host inter-action graph by using source IP and destination IP addresses as nodes,and their interaction relationships as edges.By fusing network flow statistics and latent graph structural features,the method leverages the graph heat kernel diffusion to aggregate the neighborhood information.These node representations can significantly improve the downstream intrusion detection tasks,enhancing the accuracy of identif-ying anomalous nodes and malicious connections.Experiments conducted on the CIC-IDS-2017 and CIC-IDS-2018 datasets demonstrate that the proposed method can effectively capture the complex topological structures and node relationships in network traffic data.It can learn low-dimensional node embeddings using only a small number of flow features and label information.Furthermore,cluster analysis and vi-sualization of the node representations can reveal the community structure and connection characteristics of attack nodes,providing valuable references for the prevention of novel or evolving attacks.关键词
网络入侵检测/图热核扩散/图表示学习/图神经网络Key words
network intrusion detection/graph heat kernel diffusion/graph representation learning/graph neural network分类
信息技术与安全科学引用本文复制引用
景永俊,王浩,邵堃,王晓峰..一种基于图热核扩散卷积的网络入侵检测方法[J].计算机工程与科学,2025,47(3):459-471,13.基金项目
国家自然科学基金(61572167) (61572167)
