Graph-based detection of multi-step attacks using graph convolutional networks
Multi-step attacks, including advanced persistent threats (APTs), distributed denial of service (DDoS) attacks and botnets, remain among the most sophisticated threats that modern organisations face. Most traditional detection methods have difficulty identifying unknown types of events from unknown sources. In this study, we introduce a reproducible GCN-based event-log correlation framework for multi-step attack detection. In this work, we replicated GC-PTransE for
