B. Zolbayar, Ryan Sheatsley, P. Mcdaniel, Mike Weisman
Evading Machine Learning Based Network Intrusion Detection Systems with GANs
Published in: Game Theory and Machine Learning for Cyber Security, 2021-09-12
DOI: 10.1002/9781119723950.ch17 (https://doi.org/10.1002/9781119723950.ch17)
Citations: 2
Abstract
Machine learning (ML) is fundamentally changing our way of life with the recent availability of high computational power and big data. Emerging ML‐based techniques for network intrusion detection systems (NIDS) can detect complex cyberattacks that are undetectable by conventional techniques. In this chapter, we evaluate the threat of a generative adversarial network (GAN)‐aided attack on these systems. In our threat model, an adversarial attacker, given access to the training data of the NIDS, adds a minimal perturbation to the feature values of attack traffic to change the DNN's prediction from “malicious” to “benign.” We evaluate our attack algorithm against two state‐of‐the‐art DNN models as well as our own well‐trained DNN model, achieving nearly 100% success rates in the whitebox setting. We also show that adversarial traffic crafted on these three DNN models transfers to, and with high accuracy fools, NIDS models trained with classic ML algorithms: logistic regression, support vector machine, decision tree and k‐nearest neighbors. Our work shows that ML‐based NIDS are vulnerable to adversarial network traffic crafted by our GAN‐based attack algorithm.