Graph-based intrusion detection using GCN, Transformer autoencoder, and contrastive learning

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for vigovindaraja from gravatar.com vigovindaraja

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT License)
  • Author: Vijay Govindarajan
  • Tags cloud-security , contrastive-learning , graph-neural-network , intrusion-detection , network-security , transformer
  • Requires: Python >=3.10
  • Provides-Extra: dev , shap
Classifiers
Report project as malware

Project description

GraphIDS

Graph-based intrusion detection using GCN, Transformer autoencoder, and contrastive learning.

Reference implementation of the framework introduced in:

Govindarajan, V. & Muzamal, J. H. (2025). Advanced cloud intrusion detection framework using graph based features transformers and contrastive learning. Scientific Reports, 15, 20511. DOI: 10.1038/s41598-025-07956-w

Install

pip install graphids

Quick start

from graphids import GraphIDS

model = GraphIDS(n_features=41, n_classes=5)
model.train_pipeline(X_train, y_train)
result = model.evaluate(X_test, y_test)
print(f"Accuracy: {result.accuracy:.4f}")

Architecture

Three-stage pipeline:

  1. GCN — constructs a communication graph from flow data, extracts structural node embeddings via 3-layer graph convolution
  2. Transformer autoencoder — refines embeddings through self-attention, identifies discriminative feature dimensions
  3. Contrastive classifier — improves class separation for minority attack types (U2R, R2L), outputs multi-class predictions

Results (from the paper)

Dataset Accuracy Precision Recall F1 FPR
NSL-KDD (5-class) 99.97% 99.94% 99.92% 99.93% 0.05%
CIC-IDS (binary) 99.96% 99.93% 99.91% 99.92% 0.06%
CIC-IDS (multi) 99.95% 99.92% 99.90% 99.91% 0.07%

Citation

@article{govindarajan2025graphids,
    title   = {Advanced cloud intrusion detection framework using graph based
               features transformers and contrastive learning},
    author  = {Govindarajan, Vijay and Muzamal, Junaid Hussain},
    journal = {Scientific Reports},
    volume  = {15},
    pages   = {20511},
    year    = {2025},
    doi     = {10.1038/s41598-025-07956-w},
}

License

MIT

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for vigovindaraja from gravatar.com vigovindaraja

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT License)
  • Author: Vijay Govindarajan
  • Tags cloud-security , contrastive-learning , graph-neural-network , intrusion-detection , network-security , transformer
  • Requires: Python >=3.10
  • Provides-Extra: dev , shap
Classifiers

Release history Release notifications | RSS feed

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

graphids-0.1.0.tar.gz (12.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

graphids-0.1.0-py3-none-any.whl (12.7 kB view details)

Uploaded Python 3

File details

Details for the file graphids-0.1.0.tar.gz.

File metadata

  • Download URL: graphids-0.1.0.tar.gz
  • Upload date:
  • Size: 12.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for graphids-0.1.0.tar.gz
Algorithm Hash digest
SHA256 db63759f43cbe5361b07c54276709c9b63d4269cc8b97df55e5df6cae6eba603
MD5 f8084ed1639442f9335d89d690bcedb6
BLAKE2b-256 eb106d4af618da8347695c722c3e7f3f8d3b636fcbd29038b3e0121511359227

See more details on using hashes here.

Provenance

The following attestation bundles were made for graphids-0.1.0.tar.gz:

Publisher: publish.yml on vijaygovindaraja/graphids

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file graphids-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: graphids-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 12.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for graphids-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 46f1df024a4ac757ec6419d18dc2073213f0404bc51c243225cefb3d2745e1d5
MD5 c8e910ec29111fc35fcc82e481e8ffe7
BLAKE2b-256 ad2ae3e5674c774697f9155638db5a3490481e4c2115b2d0ab3807e3beac0eb2

See more details on using hashes here.

Provenance

The following attestation bundles were made for graphids-0.1.0-py3-none-any.whl:

Publisher: publish.yml on vijaygovindaraja/graphids

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page