As the complexity of computer networks continues to rise, the number of security vulnerabilities and problems will also increase. Typical intrusion detection systems may struggle to detect complex attacks. The purpose of this study is to provide a reliable intrusion detection system based on machine learning and Graph Neural Networks (GNNs) to address these issues. Modelling network topologies as graphs makes it possible to identify communication channels, links, and patterns. As a result, the detection and classification of attacks were enhanced. The system employs a unique GNN design that incorporates attention mechanisms to monitor network evolution and prioritize essential links. Integrating network topology with geographic information is a means to accomplish these objectives. On benchmark datasets such as NSL-KDD and CICIDS2017, the proposed GNN-IDS demonstrated superior performance in terms of detection precision, number of intrusions detected, and false-positive rate compared to the most advanced approaches currently available. According to the research findings, GNN-IDS can identify new vulnerabilities and attack vectors, making it a scalable, practical, and real-time network security monitoring tool. The proposed GNN-based system identifies hidden, multi-hop attack paths that conventional intrusion detectors cannot detect. The model adapts in real time, continually updating the network graph and highlighting significant connections and attacker patterns. It demonstrates a high level of detection compared to most current approaches to intrusion detection, warranting its use in large networks.
Yang et al. (Sat,) studied this question.