Search Icon
Register

Evaluating Euler: Experimental Results of Network Anomaly Detection Models

Isaiah J. King (The George Washington University)

Lateral movement is a key stage of system compromise used by advanced persistent threats, and detecting it is no simple task. But when network host logs are abstracted into discrete temporal graphs, the problem can be reframed as anomalous edge detection in an evolving network. We have implemented a formalized approach to this problem with a framework we call Euler. It consists of a model-agnostic graph neural network stacked upon a model-agnostic sequence encoding layer such as a recurrent neural network. In this talk, we will discuss the challenges we faced comparing Euler to other link prediction and anomaly detection models, and how we justified and qualified our conclusions about its effectiveness. We proposed a more precise terminology for temporal link prediction tasks to aid in reproducibility. Assertions about the relative quality of models are backed with inferential statistics, not just performance metrics, ensuring fair comparison. Finally, we discuss the value of various metrics and data sets for anomaly detection in general.

Speaker's biography

Isaiah J. King is a Ph.D. student at the George Washington University School of Engineering and Applied Sciences and an ARCS scholar. His research interests include unsupervised machine learning on graphs, and distributed machine learning, particularly as they apply to intrusion detection systems.

View More Papers

coucouArray ( [post_type] => ndss-paper [post_status] => publish [posts_per_page] => 4 [orderby] => rand [tax_query] => Array ( [0] => Array ( [taxonomy] => category [field] => id [terms] => Array ( [0] => 42 [1] => 55 ) ) ) [post__not_in] => Array ( [0] => 8407 ) )

Property Inference Attacks Against GANs

Junhao Zhou (Xi'an Jiaotong University), Yufei Chen (Xi'an Jiaotong University), Chao Shen (Xi'an Jiaotong University), Yang Zhang (CISPA Helmholtz Center for Information Security)

Read More

Transparency Dictionaries with Succinct Proofs of Correct Operation

Ioanna Tzialla (New York University), Abhiram Kothapalli (Carnegie Mellon University), Bryan Parno (Carnegie Mellon University), Srinath Setty (Microsoft Research)

Read More

Testability Tarpits: the Impact of Code Patterns on the...

Feras Al Kassar (SAP Security Research), Giulia Clerici (SAP Security Research), Luca Compagna (SAP Security Research), Davide Balzarotti (EURECOM), Fabian Yamaguchi (ShiftLeft Inc)

Read More

DRIVETRUTH: Automated Autonomous Driving Dataset Generation for Security Applications

Raymond Muller (Purdue University), Yanmao Man (University of Arizona), Z. Berkay Celik (Purdue University), Ming Li (University of Arizona) and Ryan Gerdes (Virginia Tech)

Read More

Privacy Starts with UI: Privacy Patterns and Designer Perspectives in UI/UX Practice

Anxhela Maloku (Technical University of Munich), Alexandra Klymenko (Technical University of Munich), Stephen Meisenbacher (Technical University of Munich), Florian Matthes (Technical University of Munich)

Vision: Profiling Human Attackers: Personality and Behavioral Patterns in Deceptive Multi-Stage CTF Challenges

Khalid Alasiri (School of Computing and Augmented Intelligence Arizona State University), Rakibul Hasan (School of Computing and Augmented Intelligence Arizona State University)

From Underground to Mainstream Marketplaces: Measuring AI-Enabled NSFW Deepfakes on Fiverr

Mohamed Moustafa Dawoud (University of California, Santa Cruz), Alejandro Cuevas (Princeton University), Ram Sundara Raman (University of California, Santa Cruz)