Advanced Persistent Threat Detection in Smart Grid Clouds Using Spatiotemporal Context-Aware Graph Embedding
Author
Abstract

Advanced persistent threat (APT) attacks have caused severe damage to many core information infrastructures. To tackle this issue, graph-based methods have been proposed due to their ability to learn complex interaction patterns of network entities with discrete graph snapshots. However, such methods are challenged by the computer networking model, which is naturally a continuous-time dynamic heterogeneous graph. In this paper, we propose a heterogeneous graph neural network based APT detection method in smart grid clouds. Our model has an encoder-decoder structure. The encoder uses heterogeneous temporal memory and attention embedding modules to capture contextual information of interactions of network entities from the time and spatial dimensions, respectively. We implement a prototype and conduct extensive experiments on real-world cyber-security datasets with more than 10 million records. Experimental results show that our method achieves better detection performance than state-of-the-art methods.

Year of Publication
2022
Date Published
December
Publisher
IEEE
Conference Location
Rio de Janeiro, Brazil
ISBN Number
978-1-66543-540-6
URL
https://ieeexplore.ieee.org/document/10001486/
DOI
10.1109/GLOBECOM48099.2022.10001486