Multi-Modal Integration of Deep Graph and Metric Learning for Optimal Malicious Behavior Detection
, VP in the Artificial Intelligence (AI) Center of Excellence (CoE) in Advisory, Deloitte
Our previous work on graph-based flow detection detects malicious behaviors (malware, active threats, zero-days, etc.) across network topologies. While this is a very powerful approach to detection, it has obvious limitations, as it is constrained by the communication between hosts. We extend this methodology with a multi-modal approach that aligns deep graph learning with metric learning by including endpoint (EP) data. Our approach provides a rigorous, holistic way to improve visibility of malicious behavior by optimizing the correlation between flow and EP information.