In an increasingly interconnected world, where information is the lifeblood of modern society, regular cyber-attacks sabotage the confidentiality, integrity, and availability of digital systems and information. Cyber-attacks also differ depending on their objective and evolve rapidly to evade defensive systems. However, a typical cyber-attack proceeds through a series of stages from attack initiation to final resolution, called an attack life cycle. These diverse characteristics and the relentless evolution of cyber-attacks have led cyber defense to adopt modern approaches like Machine Learning (ML) to bolster defensive measures and break the attack life cycle. Among the adopted ML approaches, Graph Neural Networks (GNNs) have emerged as a promising approach for enhancing the effectiveness of defensive measures due to their ability to process and learn from heterogeneous cyber threat data. In this paper, we look into the application of GNNs in helping to break each stage of one of the most renowned attack life cycles, the Lockheed Martin Cyber Kill Chain (CKC). We address each phase of the CKC and discuss how GNNs contribute to preparing for and preventing an attack from a defensive standpoint. We also discuss open research areas and scope for further improvement.