DeepGFL: Deep Feature Learning via Graph for Attack Detection on Flow-Based Network Traffic

The ability to mine structurally complex and latent relationship among network flows has become the focus of many initiatives. Learning graph representation for network attack detection has become a critical issue which is an across-network machine learning task. However, the challenge of effectively representing graph for network traffic is unmet yet, especially for detecting various threat patterns which is modeled as attributed graph. In the same time, existing methods could not capture higher-order subgraph structures. For these reasons, we propose a new way to model network graph called Deep Graph Feature Learning (DeepGFL) for network attack detection to solve this problem. DeepGFL is a framework studying deep features from attributed network flow graph. We automatically generalize higher-order features from raw features obtained from attributed graphs and then implement network attack detection. We evaluate the proposed framework with raw features threat detection on a real world datasets. Experimental results show that DeepGFL is more effective, more accurate and more space efficient for network attack detection.