This repository aims to collect research papers about applying graph models in cybersecurity scenarios.

1. Heterogeneous Graph Matching Networks: Application to Unknown Malware Detection. Shen Wang, Zhengzheng Chen, Xiao Yu, Ding Li, et.al. IJCAI, 2019. [paper] [[code]]

1. Log2vec: A Heterogeneous Graph Embedding Based Approach for Detecting Cyber Threats within Enterprise. Fucheng Liu, Yu Wen, Dongxue Zhang, Xihe Jiang, et.al. CCS, 2019. [paper] [[code]]
2. Unicorn: Runtime provenance-based detector for advanced persistent threats. Xueyuan Han, Thomas Pasquier, Adam Bates, James Mickens, et.al. NDSS, 2020. [paper] [[code]]
3. Detecting Lateral Movement in Enterprise Computer Networks with Unsupervised Graph AI. Benjamin Bowman, Craig Laprade, Yuede Ji, H. Howie Huang. RAID, 2020. [paper] [[code]]

As there are lots of researches in this area, I only list those published in cybersecurity-related conferences/journals or evaluated in cybersecurity scenarios. For more awesome graph attack papers, please refer to:

https://github.com/ChandlerBang/awesome-graph-attack-papers

https://github.com/safe-graph/graph-adversarial-learning-literature

https://github.com/DSE-MSU/DeepRobust/tree/master/deeprobust/graph

https://github.com/gitgiter/Graph-Adversarial-Learning

1. Attacking Graph-based Classification via Manipulating the Graph Structure. Binghui Wang, Neil Zhenqiang Gong. CCS, 2019. [paper] [[code]]
2. Attacking Graph-Based Classification without Changing Existing Connections Xuening Xu, Xiaojiang Du, Qiang Zeng. ACSAC, 2020. [paper] [[code]]
3. Stealing Links from Graph Neural Networks Xuening Xu, Jinyuan Jia, Michael Backes, Neil Zhenqiang Gong, Yang Zhang. USENIX SECURITY, 2021. [paper] [[code]]