Graph-Based Techniques for Cybersecurity: A Survey on Intrusion and Vulnerability Detection
摘要
In the current digital era, most devices are connected to the internet, increasing data theft and cybercrimes. The traditional intrusion detection system relies on a pre-defined rule-based approach and cannot adopt new threat definitions and evolving strategies. Unlike traditional IDS systems, GNN-based models like E-GraphSAGE can detect novel attack patterns by learning topological features from the network data. Knowledge Graphs constructed from NVD datasets enable semantic queries and reasoning and outperform manual analysis. This paper reviews graph-based approaches, focusing on the applications of knowledge graphs (KGs) and graph neural networks (GNNs) in detecting vulnerabilities and network intrusions. A comprehensive review of existing work highlights methodologies, datasets, and performance metrics. Finally, limitations are discussed.