Submit

Login Login

Register Register

Home/ Journals/ CMC/ Vol.86, No.1, 2026/ 10.32604/cmc.2025.068767

Table of Content

Open Access iconOpen Access

ARTICLE

crossmark

Graph-Based Intrusion Detection with Explainable Edge Classification Learning

Jaeho Shin1, Jaekwang Kim2,*

1 Department of Applied Data Science, Sungkyunkwan University, Seoul, 03063, Republic of Korea
2 Convergence Program for Social Innovation, Dept. of Applied Artificial Intelligence, Sungkyunkwan University, Seoul, 03063, Republic of Korea

* Corresponding Author: Jaekwang Kim. Email: email

(This article belongs to the Special Issue: Advances in Machine Learning and Artificial Intelligence for Intrusion Detection Systems)

Computers, Materials & Continua 2026, 86(1), 1-26. https://doi.org/10.32604/cmc.2025.068767

Received 05 June 2025; Accepted 01 August 2025; Issue published 10 November 2025

Abstract

Network attacks have become a critical issue in the internet security domain. Artificial intelligence technology-based detection methodologies have attracted attention; however, recent studies have struggled to adapt to changing attack patterns and complex network environments. In addition, it is difficult to explain the detection results logically using artificial intelligence. We propose a method for classifying network attacks using graph models to explain the detection results. First, we reconstruct the network packet data into a graphical structure. We then use a graph model to predict network attacks using edge classification. To explain the prediction results, we observed numerical changes by randomly masking and calculating the importance of neighbors, allowing us to extract significant subgraphs. Our experiments on six public datasets demonstrate superior performance with an average F1-score of 0.960 and accuracy of 0.964, outperforming traditional machine learning and other graph models. The visual representation of the extracted subgraphs highlights the neighboring nodes that have the greatest impact on the results, thus explaining detection. In conclusion, this study demonstrates that graph-based models are suitable for network attack detection in complex environments, and the importance of graph neighbors can be calculated to efficiently analyze the results. This approach can contribute to real-world network security analyses and provide a new direction in the field.

Keywords

Intrusion detection; graph neural network; explainable AI; network attacks; GraphSAGE

Cite This Article

APA Style
Shin, J., Kim, J. (2026). Graph-Based Intrusion Detection with Explainable Edge Classification Learning. Computers, Materials & Continua, 86(1), 1–26. https://doi.org/10.32604/cmc.2025.068767
Vancouver Style
Shin J, Kim J. Graph-Based Intrusion Detection with Explainable Edge Classification Learning. Comput Mater Contin. 2026;86(1):1–26. https://doi.org/10.32604/cmc.2025.068767
IEEE Style
J. Shin and J. Kim, “Graph-Based Intrusion Detection with Explainable Edge Classification Learning,” Comput. Mater. Contin., vol. 86, no. 1, pp. 1–26, 2026. https://doi.org/10.32604/cmc.2025.068767
BibTex EndNote RIS



cc Copyright © 2026 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

  • 1122

    View

  • 400

    Download

  • 0

    Like

Related articles

Copyright© 2025 Tech Science Press
© 1997-2025 TSP (Henderson, USA) unless otherwise stated

Share Link