CONTINUUM: Detecting APT Attacks through Spatial-Temporal Graph Neural Networks
Atmane Ayoub Mansour Bahar, Kamel Soaid Ferrahi, Mohamed-Lamine Messai, Hamida Seba, Karima Amrouche · January 06, 2025
Summary
A novel Intrusion Detection System (IDS) using a Spatio-Temporal Graph Neural Network Autoencoder is introduced to detect Advanced Persistent Threats (APTs). This system addresses traditional IDS limitations in handling multi-stage attacks by analyzing complex relationships within networked data. It leverages spatial and temporal information to identify sequential stages of APTs, ensuring privacy and scalability through a federated learning environment with homomorphic encryption. Evaluation demonstrates lower false positive rates and optimized resource usage compared to existing methods, highlighting the potential of spatio-temporal analysis and federated learning in enhancing cybersecurity defenses.