Lateral Movement Detection in Enterprise Networks Using Temporal Graph Attention Networks (T-GATs)


Authors : Kevin William Peoples

Volume/Issue : Volume 10 - 2025, Issue 10 - October


Google Scholar : https://tinyurl.com/8j7yufn6

Scribd : https://tinyurl.com/332dbm3n

DOI : https://doi.org/10.38124/ijisrt/25oct435



Abstract : In cybersecurity, Advanced Persistent Threat (APT) attacks are a significant threat because of their adaptation, persistence, and stealth against conventional detection mechanisms. Because APT attackers use smart tactics to infiltrate networks and stay undetected for long periods of time, this study focuses on Graph Neural Networks (GNNs) for detecting APT attacks. GNNs excel at capturing complex relationships in network data, using graph structures to identify anomalies and subtle patterns that indicate APT behavior. This study reports on existing detailed explorations of GNNs as a modern technology for improving the capabilities of Intrusion Detection Systems (IDS). APT attacks pose significant threats because of their persistence and smart tactics, underscoring the need for innovative approaches. The study provides an in-depth survey of applications of GNNs against APT attacks to protect enterprise networks, precisely analyzing different GNN architectures and proposing a framework designed specifically for evaluating APT detection systems. In addition, this study proposes a novel approach for detecting APT attacks in real time by using time evolution, and opens further opportunities for future studies. The findings of the study elucidate the significant role GNNs play in addressing the rising threats posed by APTs, focusing on their potential to improve cybersecurity. In addition, the study identifies future research directions and developments in using graph-based and machine learning techniques for proactive and adaptive intrusion detection in complex environments.

Keywords : Advanced Persistent Threat, Graph Neural Networks, Intrusion Detection Systems, APT Attacks, APT Detection, Machine Learning.

