Graph Adversarial Learning for the Generation and Detection of Cyber Attacks in Transportation

Investigator(s):

• Xia (Ben) Hu, Rice University, ORCID #: 0000-0003-2234-3226 (PI)

Project Description:

This project aims to generate and detect cybersecurity attacks on transportation cyber-infrastructure. Given transportation networks consisted of individual entities and communication links, our goal is to generate more attacked patterns of transportation networks and train a robust system to detect the cybersecurity attacks existing in nodes as well as edges. To capture the communication topology and attribute information exist inherently in the networks, we will propose interpretation-enhanced generative networks and graph adversarial training to synthesize and detect attacks, respectively. The interpretation-enhanced generative networks aim to identify the perturbation direction of topology and attribute for crafting the adversarial samples, which could also be understood by cyber-security experts. Moreover, the graph adversarial training mechanism targets at perturbating the node features and link connections of input data, and improve the detection robustness of GNNs on the slightly-varying cybersecurity attacks.  We will deliver a GNN system by training on both realistic and synthesized data for the attack detection, and perform a detailed comparison between alternative solutions. Main findings will be summarized in at least one research paper and the final project report. Benchmark platform, datasets, and metadata produced through the project will be made publicly available.

We summarize the major objectives of this project as follows :

• Objective 1 Develop graph-based attacks generation with model interpretation;
• Objective 2 Detect attacks with scalable adversarial training on graph neural networks;
• Objective 3 Evaluate proposed solutions using datasets of real and synthesized attacks.

Figure 1- Generative adversarial network. We will develop a generator and a discriminator for network intrusions based on Graph Neural Networks.

Figure 1 illustrates a Generative Adversarial Network (GAN) for cybersecurity attacks. This project will engage in transformative research by designing a graph-based generative adversarial network architecture to learn the generation of cybersecurity attacks and the discrimination for them. However, it is non-trivial conduct such research due to following two-fold challenges. First, it is rarely explored to synthesize the authentic adversarial attacks understood by cyber-security experts, which helps them analyze the vulnerabilities of models. Second, it is challenging to train a robust graph neural networks to detect the diverse attacks sourcing from topology connection and node attributes. Here, we will focus on two approaches to address this problem: model interpretation and adversarial training. Different from previous work, this project will focus on three key innovations towards enhancing the transportation cyber-infrastructure:

1. We will propose the interpretation-enhanced generative networks to find out the most sensitive perturbation direction of topology and attribute for crafting the adversarial sample.
2. We will develop the graph adversarial training to perturbating the large-scale adjacency matrix and node features, which is leveraged to train GNNs and improve the detection robustness.
3. We will focus on evaluating the generation and detection of cybersecurity attacks on intelligent transportation systems instead of typical applications like computer vision and natural language processing.