Adversarial Machine Learning Attacks and Defenses in Network Intrusion Detection Systems

Автор: Amir F. Mukeri, Dwarkoba P. Gaikwad

Журнал: International Journal of Wireless and Microwave Technologies @ijwmt

Статья в выпуске: 1 Vol.12, 2022 года.

Бесплатный доступ

Machine learning is now being used for applications ranging from healthcare to network security. However, machine learning models can be easily fooled into making mistakes using adversarial machine learning attacks. In this article, we focus on the evasion attacks against Network Intrusion Detection System (NIDS) and specifically on designing novel adversarial attacks and defenses using adversarial training. We propose white box attacks against intrusion detection systems. Under these attacks, the detection accuracy of model suffered significantly. Also, we propose a defense mechanism against adversarial attacks using adversarial sample augmented training. The biggest advantage of proposed defense is that it doesn’t require any modification to deep neural network architecture or any additional hyperparameter tuning. The gain in accuracy using very small adversarial samples for training deep neural network was however found to be significant.

Еще

Network Intrusion Detection System, Adversarial Machine Learning, Robust Machine Learning, Network Security, Deep Neural Network

Короткий адрес: https://sciup.org/15018382

IDR: 15018382   |   DOI: 10.5815/ijwmt.2022.01.02

Список литературы Adversarial Machine Learning Attacks and Defenses in Network Intrusion Detection Systems

  • M. M. Sakr, M. A. Tawfeeq and A. B. El-Sisi, "An efficiency optimization for network intrusion detection system," International Journal of Computer Network and Information Security, vol. 11, p. 1, 2019.
  • M. M. Sakr, M. A. Tawfeeq and A. B. El-Sisi, "Network intrusion detection system based PSO-SVM for cloud computing," International Journal of Computer Network and Information Security, vol. 10, p. 22, 2019.
  • V. Barot, S. S. Chauhan and B. Patel, "Feature Selection for Modeling Intrusion Detection," International Journal of Computer Network and Information Security (IJCNIS), vol. 6, p. 56–62, 2014.
  • C. Karuppanchetty, W. Edmonds, K. Sun-il and N. Nwanze, "Artificially Augmented Training for Anomaly-based Network Intrusion Detection Systems," International Journal of Computer Network and Information Security, vol. 7, p. 1, 2015.
  • M. Panda, A. Abraham, S. Das and M. R. Patra, "Network intrusion detection system: A machine learning approach," Intelligent Decision Technologies, vol. 5, p. 347–356, 2011.
  • W. Wang, Y. Sheng, J. Wang, X. Zeng, X. Ye, Y. Huang and M. Zhu, "HAST-IDS: Learning hierarchical spatial-temporal features using deep neural networks to improve intrusion detection," IEEE access, vol. 6, p. 1792–1806, 2017.
  • A. Mukeri and D. P. Gaikwad, "Support Vector Machine and Principal Component Analysis for Intrusion Detection System," i-Manager's Journal on Software Engineering, vol. 14, p. 42, 2020.
  • P. Tao, Z. Sun and Z. Sun, "An improved intrusion detection algorithm based on GA and SVM," Ieee Access, vol. 6, p. 13624–13631, 2018.
  • R. Vijayanand and D. Devaraj, "A novel feature selection method using whale optimization algorithm and genetic operators for intrusion detection system in wireless mesh network," IEEE Access, vol. 8, p. 56847–56854, 2020.
  • B. A. Tama, M. Comuzzi and K.-H. Rhee, "TSE-IDS: A two-stage classifier ensemble for intelligent anomaly-based intrusion detection system," IEEE Access, vol. 7, p. 94497–94507, 2019.
  • A. Yulianto, P. Sukarno and N. A. Suwastika, "Improving adaboost-based intrusion detection system (IDS) performance on CIC IDS 2017 dataset," in Journal of Physics: Conference Series, 2019.
  • C. Yin, Y. Zhu, S. Liu, J. Fei and H. Zhang, "Enhancing network intrusion detection classifiers using supervised adversarial training," The Journal of Supercomputing, p. 1–30, 2019.
  • R. Vinayakumar, K. P. Soman and P. Poornachandran, "Applying convolutional neural network for network intrusion detection," in 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI), 2017.
  • X. Yuan, C. Li and X. Li, "DeepDefense: identifying DDoS attack via deep learning," in 2017 IEEE International Conference on Smart Computing (SMARTCOMP), 2017.
  • S. M. Sohi, J.-P. Seifert and F. Ganji, "RNNIDS: Enhancing network intrusion detection systems through deep learning," Computers & Security, vol. 102, p. 102151, 2021.
  • L. Liu, J. Lin, P. Wang, L. Liu and R. Zhou, "Deep Learning-Based Network Security Data Sampling and Anomaly Prediction in Future Network," Discrete Dynamics in Nature and Society, vol. 2020, 2020.
  • W. Yue, J. Yiming and L. Julong, "A Fast Deep Learning Method for Network Intrusion Detection Without Manual Feature Extraction," in Journal of Physics: Conference Series, 2021.
  • T. Elsken, J. H. Metzen, F. Hutter and others, "Neural architecture search: A survey.," J. Mach. Learn. Res., vol. 20, p. 1–21, 2019.
  • D. P. Gaikwad and A. Mukeri, "Fine Tuned Deep Neural Networks for Intrusion Detection System," Journal of Network Security Computer Networks, vol. 6, p. 9, 2020.
  • S. Gurung, M. K. Ghose and A. Subedi, "Deep learning approach on network intrusion detection system using NSL-KDD dataset," International Journal of Computer Network and Information Security, vol. 11, p. 8–14, 2019.
  • E. Alhajjar, P. Maxwell and N. D. Bastian, "Adversarial Machine Learning in Network Intrusion Detection Systems," arXiv preprint arXiv:2004.11898, 2020.
  • N. Moustafa and J. Slay, "UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set)," in 2015 military communications and information systems conference (MilCIS), 2015.
  • M. Rigaki, "Adversarial deep learning against intrusion detection classifiers," 2017. [Online]. Available: https://www.diva-portal.org/smash/get/diva2:1116037/FULLTEXT01.pdf. [Accessed 1 July 2021].
  • M. Arjovsky, S. Chintala and L. Bottou, "Wasserstein generative adversarial networks," in International conference on machine learning, 2017.
  • Z. Lin, Y. Shi and Z. Xue, "Idsgan: Generative adversarial networks for attack generation against intrusion detection," arXiv preprint arXiv:1809.02077, 2018.
  • I. J. Goodfellow, J. Shlens and C. Szegedy, "Explaining and harnessing adversarial examples," arXiv preprint arXiv:1412.6572, 2014.
  • N. Papernot, P. McDaniel, S. Jha, M. Fredrikson, Z. B. Celik and A. Swami, "The limitations of deep learning in adversarial settings," in 2016 IEEE European symposium on security and privacy (EuroS&P), 2016.
  • "NSL-KDD dataset," 2009. [Online]. Available: www.unb.ca/cic/datasets/nsl.html. [Accessed 1 July 2021].
  • N. Carlini and D. Wagner, "Towards evaluating the robustness of neural networks," in 2017 ieee symposium on security and privacy (sp), 2017.
  • H. Hosseini, Y. Chen, S. Kannan, B. Zhang and R. Poovendran, "Blocking transferability of adversarial examples in black-box learning systems," arXiv preprint arXiv:1703.04318, 2017.
  • L. Dhanabal and S. P. Shantharajah, "A study on NSL-KDD dataset for intrusion detection system based on classification algorithms," International Journal of Advanced Research in Computer and Communication Engineering, vol. 4, p. 446–452, 2015.
  • C. Yin, Y. Zhu, J. Fei and X. He, "A deep learning approach for intrusion detection using recurrent neural networks," Ieee Access, vol. 5, p. 21954–21961, 2017.
Еще
Статья научная