Doktorandské kolokvium KAI - Onoja Monday (3.11.2025)
v pondelok 3.11.2025 o 13:10 hod. v miestnosti I 9
Prednášajúci: Onoja Monday
Názov: Integrating Ontology and Graph Neural Network for Explainable Malware Detection
Termín: 3.11.2025, 13:10 hod., I/9
Abstrakt:
Graph Neural Networks (GNNs) are increasingly applied to cybersecurity tasks such as malware detection, intrusion detection, and program analysis, as they effectively model structured program representations and capture relational dependencies beyond flat feature vectors. However, their black-box nature poses challenges in security-critical domains, where analysts require explanations for trust and forensic analysis. This motivates the use of explainable GNNs (XGNNs), which aim to provide interpretable insights into model predictions. In this work, we investigate Relational Graph Convolutional Networks (R-GCNs) for ontology-based malware detection. Proof-of-concept experiments demonstrate that incorporating bidirectional relations through edge reversal significantly improves both predictive accuracy and interpretability. Specifically, R-GCN with edge reversal (RGCN2) achieved 98% accuracy and true positive rate (TPR) on the numeric data subset of the reviewed Ontology - Knowledge Graph Ember dataset with 1000 binary, compared to 67% in baseline models, and delivered 87% fidelity with the Captum explainer. These results highlight the promise of relational GNNs for leveraging semantic structures in ontology-driven cybersecurity, where explainability and robustness are essential.