Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Recurso digital |
| Language: | |
| Published: |
Zenodo
2026
|
| Online Access: | https://doi.org/10.5281/zenodo.20378651 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Table of Contents:
- Abstract - Zero-day cyber attacks pose a significant challenge to modern cybersecurity systems due to the absence of known signatures and labeled training data. Traditional intrusion detection systems rely on predefined rules and fail to generalize to unseen threats. This paper proposes a self-supervised behavioral graph framework that models system activity as heterogeneous graphs and detects anomalies without requiring labeled attack data. The system constructs temporal behavioral graphs from real-time system events and utilizes a graph autoencoder to learn normal behavior. A hybrid anomaly detection mechanism combining reconstruction error and structural graph features improves detection robustness. Additionally, a continual learning module enables adaptation to evolving system behavior while preventing catastrophic forgetting. Experimental results demonstrate that the system achieves 100% recall on attack detection with 85.7% precision and detection latency between 200–400 milliseconds, making it suitable for real-time deployment in production environments.