Graph Neural Network Based Adaptive Threat Detection for Cloud Identity and Access Management Logs

📝 Original Info

• Title: Graph Neural Network Based Adaptive Threat Detection for Cloud Identity and Access Management Logs
• ArXiv ID: 2512.10280
• Date: 2025-12-11
• Authors: Venkata Tanuja Madireddy

📝 Abstract

The rapid expansion of cloud infrastructures and distributed identity systems has significantly increased the complexity and attack surface of modern enterprises. Traditional rule-based or signature-driven detection systems are often inadequate in identifying novel or evolving threats within Identity and Access Management (IAM) logs, where anomalous behavior may appear statistically benign but contextually malicious. This paper presents a Graph Neural Network-Based Adaptive Threat Detection framework designed to learn latent user-resource interaction patterns from IAM audit trails in real time. By modeling IAM logs as heterogeneous dynamic graphs, the proposed system captures temporal, relational, and contextual dependencies across entities such as users, roles, sessions, and access actions. The model incorporates attention-based aggregation and graph embedding updates to enable continual adaptation to changing cloud environments. Experimental evaluation on synthesized and real-world IAM datasets demonstrates that the proposed method achieves higher detection precision and recall than baseline LSTM and GCN classifiers, while maintaining scalability across multi-tenant cloud environments. The framework's adaptability enables proac...

📄 Full Content

...(본문 내용이 길어 생략되었습니다. 사이트에서 전문을 확인해 주세요.)