Adversarial machine learning in Network Intrusion Detection Systems. (30th December 2021)
- Record Type:
- Journal Article
- Title:
- Adversarial machine learning in Network Intrusion Detection Systems. (30th December 2021)
- Main Title:
- Adversarial machine learning in Network Intrusion Detection Systems
- Authors:
- Alhajjar, Elie
Maxwell, Paul
Bastian, Nathaniel - Abstract:
- Abstract: Adversarial examples are inputs to a machine learning system intentionally crafted by an attacker to fool the model into producing an incorrect output. These examples have achieved a great deal of success in several domains such as image recognition, speech recognition and spam detection. In this paper, we study the nature of the adversarial problem in Network Intrusion Detection Systems (NIDS). We focus on the attack perspective, which includes techniques to generate adversarial examples capable of evading a variety of machine learning models. More specifically, we explore the use of evolutionary computation (particle swarm optimization and genetic algorithm) and deep learning (generative adversarial networks) as tools for adversarial example generation. To assess the performance of these algorithms in evading a NIDS, we apply them to two publicly available data sets, namely the NSL-KDD and UNSW-NB15, and we contrast them to a baseline perturbation method: Monte Carlo simulation. The results show that our adversarial example generation techniques cause high misclassification rates in eleven different machine learning models, along with a voting classifier. Our work highlights the vulnerability of machine learning based NIDS in the face of adversarial perturbation. Highlights: Machine learning algorithms are not robust in unconstrained domains. Evolutionary algorithms are able to generate successful adversarial examples. Generative Adversarial Networks provide aAbstract: Adversarial examples are inputs to a machine learning system intentionally crafted by an attacker to fool the model into producing an incorrect output. These examples have achieved a great deal of success in several domains such as image recognition, speech recognition and spam detection. In this paper, we study the nature of the adversarial problem in Network Intrusion Detection Systems (NIDS). We focus on the attack perspective, which includes techniques to generate adversarial examples capable of evading a variety of machine learning models. More specifically, we explore the use of evolutionary computation (particle swarm optimization and genetic algorithm) and deep learning (generative adversarial networks) as tools for adversarial example generation. To assess the performance of these algorithms in evading a NIDS, we apply them to two publicly available data sets, namely the NSL-KDD and UNSW-NB15, and we contrast them to a baseline perturbation method: Monte Carlo simulation. The results show that our adversarial example generation techniques cause high misclassification rates in eleven different machine learning models, along with a voting classifier. Our work highlights the vulnerability of machine learning based NIDS in the face of adversarial perturbation. Highlights: Machine learning algorithms are not robust in unconstrained domains. Evolutionary algorithms are able to generate successful adversarial examples. Generative Adversarial Networks provide a rich source of fooling examples. Network intrusion detection systems are vulnerable to maliciously crafted packets. … (more)
- Is Part Of:
- Expert systems with applications. Volume 186(2021)
- Journal:
- Expert systems with applications
- Issue:
- Volume 186(2021)
- Issue Display:
- Volume 186, Issue 2021 (2021)
- Year:
- 2021
- Volume:
- 186
- Issue:
- 2021
- Issue Sort Value:
- 2021-0186-2021-0000
- Page Start:
- Page End:
- Publication Date:
- 2021-12-30
- Subjects:
- Network Intrusion Detection Systems -- Adversarial machine learning -- Evolutionary computation -- Deep learning -- Monte Carlo simulation
Expert systems (Computer science) -- Periodicals
Systèmes experts (Informatique) -- Périodiques
Electronic journals
006.33 - Journal URLs:
- http://www.sciencedirect.com/science/journal/09574174 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.eswa.2021.115782 ↗
- Languages:
- English
- ISSNs:
- 0957-4174
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3842.004220
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 19628.xml