Location
https://www.kennesaw.edu/ccse/events/computing-showcase/sp26-cday-program.php
Document Type
Event
Start Date
22-4-2026 4:00 PM
Description
Temporal Graph Neural Networks (TGNNs) have reported near-perfect accuracy in Network Intrusion Detection (NID). However, this research reveals these results are often artifacts of dataset flaws rather than genuine model capability. Through a systematic audit of five benchmark datasets, we identify critical issues: node identity leakage, feature extraction artifacts, train/test contamination, and temporal sparsity. We demonstrate that models often learn to recognize specific attacker IP addresses instead of generalizing attack behavior. We propose a standardized evaluation framework featuring leakage-aware relabeling and attack-aware chronological splitting to provide a more reliable basis for future TGNN-NID research.
Included in
GRP-0100-193 Are TGNN-Based Intrusion Detection Results Trustworthy? A Dataset Audit and Evaluation Framework
https://www.kennesaw.edu/ccse/events/computing-showcase/sp26-cday-program.php
Temporal Graph Neural Networks (TGNNs) have reported near-perfect accuracy in Network Intrusion Detection (NID). However, this research reveals these results are often artifacts of dataset flaws rather than genuine model capability. Through a systematic audit of five benchmark datasets, we identify critical issues: node identity leakage, feature extraction artifacts, train/test contamination, and temporal sparsity. We demonstrate that models often learn to recognize specific attacker IP addresses instead of generalizing attack behavior. We propose a standardized evaluation framework featuring leakage-aware relabeling and attack-aware chronological splitting to provide a more reliable basis for future TGNN-NID research.