TY - GEN
T1 - Leveraging Graph Neural Networks for Attack Detection in IoT Systems
AU - Rezki, Ramzi
AU - Badr, Youakim
AU - Bouzefrane, Samia
AU - Mourlin, Fabrice
AU - Yacoub, Meziane
N1 - Publisher Copyright:
© The Author(s), under exclusive license to Springer Nature Switzerland AG 2025.
PY - 2025
Y1 - 2025
N2 - The increasing interconnectivity of Internet-of-Things (IoT) has exposed them to diverse cyber threats and adversarial attacks, distributed denial-of-service (DDoS) attacks, spoofing and man-in-the-middle intrusions, malware injections, ransomware, and adversarial machine learning exploits. To detect these attacks, this research leverages Graph Neural Networks (GNNs) for intrusion detection and attack analysis by exploiting the graph’s intrinsic structure of communication networks and sessions. We propose advanced GNN-based models that extract high-dimensional features from IoT networks and enable in-depth analysis of packets. By representing IoT networks as graphs, GNNs effectively capture the intricate interactions and dependencies among network components. The proposed models were trained on three distinct datasets, namely ToNIoT, NFBoTIoT, and GraSecIoT, to perform detection tasks, including binary classification to differentiate normal from malicious behavior and multi-class classification to identify one or more underlying attacks. The experimental results validate the effectiveness of graph neural networks in detecting malicious activities and categorizing attack types, thereby offering a robust solution for securing IoT environments.
AB - The increasing interconnectivity of Internet-of-Things (IoT) has exposed them to diverse cyber threats and adversarial attacks, distributed denial-of-service (DDoS) attacks, spoofing and man-in-the-middle intrusions, malware injections, ransomware, and adversarial machine learning exploits. To detect these attacks, this research leverages Graph Neural Networks (GNNs) for intrusion detection and attack analysis by exploiting the graph’s intrinsic structure of communication networks and sessions. We propose advanced GNN-based models that extract high-dimensional features from IoT networks and enable in-depth analysis of packets. By representing IoT networks as graphs, GNNs effectively capture the intricate interactions and dependencies among network components. The proposed models were trained on three distinct datasets, namely ToNIoT, NFBoTIoT, and GraSecIoT, to perform detection tasks, including binary classification to differentiate normal from malicious behavior and multi-class classification to identify one or more underlying attacks. The experimental results validate the effectiveness of graph neural networks in detecting malicious activities and categorizing attack types, thereby offering a robust solution for securing IoT environments.
UR - https://www.scopus.com/pages/publications/105015407055
UR - https://www.scopus.com/pages/publications/105015407055#tab=citedBy
U2 - 10.1007/978-3-032-00639-4_15
DO - 10.1007/978-3-032-00639-4_15
M3 - Conference contribution
AN - SCOPUS:105015407055
SN - 9783032006387
T3 - Lecture Notes in Computer Science
SP - 259
EP - 274
BT - Availability, Reliability and Security - ARES 2025 International Workshops, Proceedings
A2 - Coppens, Bart
A2 - Volckaert, Bruno
A2 - De Sutter, Bjorn
A2 - Naessens, Vincent
PB - Springer Science and Business Media Deutschland GmbH
T2 - International Workshops on Availability, Reliability and Security, held under the umbrella of the 20th International conference on Availability, Reliability and Security, ARES 2025
Y2 - 11 August 2025 through 14 August 2025
ER -