Using Graph Algorithms to Enhance Machine Learning for Cyber Threat Detection
Blog post from Memgraph
Groundbreaking research by Sikha et al. from the University of West Florida demonstrates how graph algorithms can enhance machine learning in cyber threat detection by capturing and using the relationships in data that traditional ML processes often discard. Using Memgraph's graph algorithms and extensions, the study transforms log data into graph nodes and edges that represent IP addresses and their connections as potential attack tactics. By applying algorithms such as PageRank, Degree Centrality, and Node Classification, the research identifies the nature and likelihood of cyber threats within the UWF-ZeekData22 dataset. These algorithms enable the classification of IP addresses and ports as potential attackers or benign entities under the MITRE ATT&CK framework, highlighting the importance of leveraging graph structures to improve cybersecurity in resource-constrained environments. The study underscores the potential of graph-based machine learning to detect cyber threats more efficiently and suggests it is a vital tool for modern cybersecurity strategies.
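The log-to-graph step and the two centrality measures named above can be sketched in plain Python. This is an added example, not code from the study or from Memgraph: the flow tuples, the `node_features` helper and the rule that an IP inherits the tactic label of its outgoing flows are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample flows (not from UWF-ZeekData22): (source IP, destination IP, flow label).
FLOWS = [("10.0.0.5", f"10.0.0.{h}", "Reconnaissance") for h in (10, 11, 12, 13)]
FLOWS += [(f"10.0.0.{h}", "10.0.0.10", "none") for h in (20, 21, 22)]

def build_graph(flows):
    """IPs become nodes; each distinct src -> dst pair becomes one directed edge."""
    out_edges, nodes = defaultdict(set), set()
    for src, dst, _ in flows:
        out_edges[src].add(dst)
        nodes.update((src, dst))
    return sorted(nodes), dict(out_edges)

def degree_centrality(nodes, out_edges):
    """Return {ip: (in_degree, out_degree)}, each normalised by n - 1."""
    indeg = defaultdict(int)
    for dsts in out_edges.values():
        for dst in dsts:
            indeg[dst] += 1
    n = max(len(nodes) - 1, 1)  # guard against a single-node graph
    return {v: (indeg[v] / n, len(out_edges.get(v, ())) / n) for v in nodes}

def pagerank(nodes, out_edges, damping=0.85, iters=50):
    """Power-iteration PageRank; rank held by sink nodes is spread evenly."""
    n = len(nodes)
    rank = {v: 1.0 / n for v in nodes}
    for _ in range(iters):
        sink = sum(rank[v] for v in nodes if v not in out_edges)
        nxt = {v: (1 - damping + damping * sink) / n for v in nodes}
        for src, dsts in out_edges.items():
            for dst in dsts:
                nxt[dst] += damping * rank[src] / len(dsts)
        rank = nxt
    return rank

def node_features(flows):
    """One row per IP: graph features plus a label taken from its outgoing flows (assumed rule)."""
    nodes, out_edges = build_graph(flows)
    deg, pr = degree_centrality(nodes, out_edges), pagerank(nodes, out_edges)
    tactic = {src: lab for src, _, lab in flows if lab != "none"}
    return {v: {"pagerank": pr[v], "in_degree": deg[v][0], "out_degree": deg[v][1],
                "label": tactic.get(v, "benign")} for v in nodes}

if __name__ == "__main__":
    for ip, row in sorted(node_features(FLOWS).items(), key=lambda kv: -kv[1]["out_degree"]):
        print(ip, row)
```

In the constructed data the scanning host stands out by out-degree while the most-contacted server stands out by PageRank, which is the kind of relational signal a per-flow feature table does not carry.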