Event Details
Design and Evaluation of Graph-Based Anomaly Detection for Lateral Movement Attacks
Presenter: Prahar Shah
Supervisor: Dr. Issa Traore
Date: Thu, July 2, 2026
Time: 11:15:00 - 00:00:00
Place: Online via Zoom
https://uvic.zoom.us/j/89697968567?pwd=afVPUP3IGegZVLlEHaxk6efg92Hh4C.1
Abstract:
This seminar presents the design and evaluation of a graph-based anomaly detection approach for detecting lateral movement attacks. The project models activity across Linux and Windows hosts as a heterogeneous graph and uses a graph neural network to identify suspicious relationships between users, hosts, processes, files, services, and network connections. The evaluation compares this approach with rule-based detection, Isolation Forest, and LSTM autoencoders under concentrated and low-and-slow attack conditions, showing that graph-based modelling can improve detection coverage, reduce alert volume, and provide useful investigation context.
