I am pleased to invite you to my upcoming thesis defense titled "Enhancing Detection and Explainability in Cybersecurity: A Shift from Machine Learning to Graph Learning." The event is scheduled for Wednesday, 24 January, at 9:00 AM, at the CRBS auditorium, 1 rue Eugène Boeckel, 67000 Strasbourg. This is a prospective date conditioned to the positive evaluation of thesis reviewers.

Rapporteurs: Mr. Hervé Debar (Prof., Télécom Sud Paris, Evry) and Ms Valeria Loscri (Prof., INRIA, Lille)

Examiners: Mr. Marc-Oliver Pahl (Prof., IMT Atlantique, Rennes), Ms. Anne Jeannin-Girardin (McF HDR, ICube, Strasbourg), Mr. Martin Husak (Dr., Masaryk University, Czech Republic), Ms. Cristel Pelsser (Prof., UCLouvain, Belgium)

Supervisors: Mr. PARREND Pierre (Prof., EPITA Strasbourg, ICube, Strasbourg), Mme DERUYVER Aline (McF HDR, Université de Strasbourg, ICube, Strasbourg), and Mr. Amhaz Rabih (Dr., ICAM-Strasbourg-Europe, ICube, Strasbourg)

Summary: This thesis focuses on transitioning from traditional machine learning to graph learning in cybersecurity, a crucial shift for representing complex data connections in cyberattacks. However, a key challenge lies in making the graph learning process explainable for cyberattack detection, which is critical for explaining the reason behind the detection and building trust among security analysts. To address this, the research contributes in three main areas. First, it introduces the ComGLSec workflow, a benchmarking process to evaluate graph learning methods based on their performance and inductivity in detecting cyberattacks. Second, it addresses the explainability challenges in graph learning by developing the Inductive GNNExplainer model for topological elucidation of attack detections and the GraphSecLearn library to enhance the contextuality in graph representations of cyberattack patterns. Lastly, the thesis proposes the XAIMetrics Framework for assessing explainability in machine learning, incorporating novel metrics to evaluate various aspects of explainability in the data analysis chain. This comprehensive approach improves understanding and trust in cybersecurity analysis and lays a foundational groundwork for extending these metrics to graph learning, highlighting significant advancements in the field.

Keywords: Graph Learning, Explainability, Cybersecurity, Machine Learning, IoT, Benchmarking, Connected Attack Graphs, Event Graphs, Explainability Metrics.

To help us prepare adequately, kindly confirm your attendance by completing this short survey: https://evento.renater.fr/survey/participation-a-la-soutenance-de-these-amani-abou-rida-lhfwin9v.

Looking forward to your attendance!