ActivityRDI: A Centralized Solution Framework for Activity Retrieval and Detection Intelligence based on Knowledge Graph, Large Language Model and Imbalanced Learning
Quanyan Zhu
Preprints.org
Problems Identified (4)
Network threat detection difficulty: Network threat detection is challenging because attack activities are complex and historically revealed threat data is limited.
Need to enhance threat detection methods: Existing analytics, machine learning, and AI methods need enhancement to detect network threats.
Proposed Solutions (5)
ActivityRDI framework: The paper proposes a centralized Activity Retrieval and Detection Intelligence framework for activity retrieval and detection across network threat detection and other domains.
Multi-agent AI threat detection: The paper proposes a multi-agent AI solution for agile threat detection.
Knowledge graph risk analysis: A knowledge graph is used to analyze changes in user activity patterns and calculate risk of unknown threats.
Imbalanced learning graph weighting: An imbalanced learning model is used to prune and weigh the knowledge graph and calculate risk of known threats.
LLM risk interpretation: A large language model retrieves and interprets user-activity risk from the knowledge graph and imbalanced learning model.
Results (3)
Improved threat capture rate:
Natural language risk interpretations:
Demo application built:
Research Domain
Information and Cyber Security; network threat detection