A Combined Approach of Graph Sage and Temporal Networks of Graph Neural Networks for Network Threat Detection

Author: Kshitij Kaushal, Dev, Manthan Singh and Suvansh

Abstract

This paper introduces a novel method for a network threat detection system based on Graph Neural Networks (GNNs). Network threat detection refers to the detection of, and response to, possible security threats within a network, using techniques and tools for traffic monitoring, data analysis, and the identification of anomalies or malicious behaviour. Graph Neural Networks are designed to process and analyse data expressed as graphs, which comprise nodes and edges. GNNs offer a promising way to improve network threat detection because they can represent complicated relationships and patterns in network data to detect malicious activity and potential attacks. In this paper we propose a combined approach of GraphSAGE and Temporal Graph Networks (TGNs) for real-time threat detection, which lets us use GraphSAGE's scalability and TGNs to model evolving attack patterns. The key approach is to use GraphSAGE for efficient large-scale graph embedding and TGN for time-aware anomaly detection. The results of our study show significant improvements in the effectiveness of anomaly detection and in the practical applicability of visualization in real-time scenarios. The present study integrates advances in the network approach and various visualization methods to provide new ideas for network security and for improving dynamic network management.

Keywords

Graph Neural Networks, Network Threat Detection, GraphSAGE, Temporal Graph Networks (TGNs), Anomaly Detection

Conclusion

The GraphSAGE + TGN hybrid model proposed here for real-time network threat identification is a scalable, adaptive, and high-precision method of identifying known as well as emerging cyber threats. Through the integration of GraphSAGE's inductive learning feature with TGN's temporal memory updates, the model effectively identifies both static and dynamic attack patterns. Through intense testing on openly accessible benchmarks like UNSW-NB15 and CICIDS, the hybrid model outperforms traditional machine learning and single GNN-based approaches by a significant margin. The results corroborate that GraphSAGE is extremely effective in obtaining neighbourhood-based representations, hence enhancing model generalizability to unseen network constituents. TGN learns temporal threat patterns dynamically, hence being highly effective against evolving attacks such as Advanced Persistent Threats (APTs). The hybrid model has low false positives, enabling reliable and consistent anomaly detection. Scalability and real-time processing optimizations
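The two mechanisms the conclusion pairs, neighbourhood aggregation and time-aware node memory, can be seen side by side in the toy sketch below. It is an added example, not the paper's model or code: the decay constant `TAU`, the scalar weights, the embedding-norm score and the sample flows are all assumptions, and a real TGN learns its memory update (typically a GRU) while a real GraphSAGE layer uses trained weight matrices.

```python
import math

TAU = 60.0  # assumed decay constant in seconds (hypothetical, not from the paper)

def update_memory(memory, last_seen, node, msg, t):
    """TGN-style memory step, simplified: time-decayed sum instead of a learned GRU."""
    decay = math.exp(-(t - last_seen.get(node, t)) / TAU)
    old = memory.get(node, [0.0] * len(msg))
    memory[node] = [decay * o + m for o, m in zip(old, msg)]
    last_seen[node] = t

def sage_embed(node, memory, neighbors, w_self=1.0, w_neigh=0.5):
    """One GraphSAGE mean-aggregator layer; scalar weights stand in for trained matrices."""
    own = memory[node]
    nbrs = [memory[n] for n in neighbors[node]]
    mean = [sum(col) / len(nbrs) for col in zip(*nbrs)]
    return [max(0.0, w_self * o + w_neigh * m) for o, m in zip(own, mean)]  # ReLU

def latest_scores(events):
    """Replay (t, src, dst, features) events in time order; return each source's last score."""
    memory, last_seen, neighbors, scores = {}, {}, {}, {}
    for t, src, dst, feat in sorted(events):
        for a, b in ((src, dst), (dst, src)):
            neighbors.setdefault(a, set()).add(b)
            update_memory(memory, last_seen, a, feat, t)
        emb = sage_embed(src, memory, neighbors)
        scores[src] = math.sqrt(sum(x * x for x in emb))  # embedding norm as activity score
    return scores

# Constructed sample flows: features are [flow count, kilobytes].
# 10.0.0.5 talks to one server every two minutes; 10.0.0.9 fans out to four hosts in 4 s.
EVENTS = [(t, "10.0.0.5", "10.0.0.1", [1.0, 2.0]) for t in (0, 120, 240, 360)]
EVENTS += [(400 + i, "10.0.0.9", f"10.0.1.{i}", [1.0, 2.0]) for i in range(4)]

if __name__ == "__main__":
    for host, score in latest_scores(EVENTS).items():
        print(f"{host}: {score:.3f}")
```

Both hosts send flows with identical per-flow features; only the timing and fan-out differ, and the decayed memory is what separates the burst from the steady traffic.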
