CONTINUUM: Detecting APT Attacks through Spatial-Temporal Graph Neural Networks

A novel Intrusion Detection System (IDS) using a Spatio-Temporal Graph Neural Network Autoencoder is introduced to detect Advanced Persistent Threats (APTs). This system addresses traditional IDS limitations in handling multi-stage attacks by analyzing complex relationships within networked data. It leverages spatial and temporal information to identify sequential stages of APTs, ensuring privacy and scalability through a federated learning environment with homomorphic encryption. Evaluation demonstrates lower false positive rates and optimized resource usage compared to existing methods, highlighting the potential of spatio-temporal analysis and federated learning in enhancing cybersecurity defenses.