search

harvardnlp / botnet-detection

Topological botnet detection datasets and graph neural network applications
MIT License
168 stars 42 forks source link

Questions about the Graph Dataset #16

Open AhmedSaad-ML opened 3 years ago

AhmedSaad-ML commented 3 years ago

Thank you for sharing the code of your publication its is really helpful. Can I ask about How did you structure the data into graphs?

  1. What features did you use for both nodes and edges embeddings? And how did you decide on that?
  2. How did you decide on which nodes are connected? Or on what bases did you generate the connections between the nodes?

Thanks a lot

jzhou316 commented 3 years ago

Hi @AhmedSaad-ML, sure:

  1. For the Botnet graphs, as we mainly explored learning on the graph topology itself, there are no particular features on the graph nodes and edges. For this, the initial node features are all 1's (same for every node) and no edge features, which are used to input to the GNNs.
  2. We overlay simulated and real Botnet topologies (certain topologies observed during a Botnet attack) onto real network connections that are recorded from the real world.

Let me know if they are still unclear (we also have more details in our paper). Thanks!