RADIANT: Reactive Autoencoder Defense for Industrial Adversarial Network Threats

IF 4.8 2区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS
Irfan Khan, Syed Wali, Yasir Ali Farrukh
{"title":"RADIANT: Reactive Autoencoder Defense for Industrial Adversarial Network Threats","authors":"Irfan Khan,&nbsp;Syed Wali,&nbsp;Yasir Ali Farrukh","doi":"10.1016/j.cose.2025.104403","DOIUrl":null,"url":null,"abstract":"<div><div>Machine learning-based Intrusion Detection Systems (IDS) have significantly enhanced operational efficiency in Industrial Control Systems (ICS), but they face a growing threat from Adversarial Machine Learning (AML) attacks. These attacks exploit vulnerabilities in IDS, leading to delayed threat detection, infrastructure compromise, financial losses, and service disruptions. Traditional approaches, such as adversarial retraining, are not only resource-intensive but also suffer from limited generalization, as they rely on training models with specific adversarial samples. Given the constantly evolving nature of adversarial attacks, it is impractical to train on all possible attack variations, leaving systems vulnerable to new and unforeseen threats. To address these limitations, this paper introduces Reactive Autoencoder Defense for Industrial Adversarial Network Threats (RADIANT), a novel IDS that mitigates adversarial threats without relying on retraining. By reconstructing input data and analyzing three distinct reconstruction errors, RADIANT effectively reduces the impact of adversarial perturbations. To evaluate RADIANT’s performance, we used a comprehensive assessment framework that compared it against state-of-the-art defenses and undefended baseline classifiers on real-world ICS data. The evaluation included advanced adversarial attacks, such as HopSkipJump and Zeroth-Order Optimization (ZOO), conducted under gray-box conditions. During ZOO attacks, RADIANT achieved an F1 score of 85.9%, significantly outperforming the baseline classifier’s 17.1% and demonstrating its robustness against adversarial threats. Similarly, under HopSkipJump attacks, RADIANT maintained a strong F1 score of 91.4%, far exceeding the baseline’s 20.5%. Additionally, when compared to state-of-the-art proactive defenses based on adversarial training, RADIANT consistently delivered a superior balance of precision, recall, and overall robustness, all without the need for adversarial retraining. These results highlight RADIANT’s practicality and effectiveness, offering reliable protection for ICS while addressing the increasing sophistication of AML attacks.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"154 ","pages":"Article 104403"},"PeriodicalIF":4.8000,"publicationDate":"2025-03-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404825000926","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

Machine learning-based Intrusion Detection Systems (IDS) have significantly enhanced operational efficiency in Industrial Control Systems (ICS), but they face a growing threat from Adversarial Machine Learning (AML) attacks. These attacks exploit vulnerabilities in IDS, leading to delayed threat detection, infrastructure compromise, financial losses, and service disruptions. Traditional approaches, such as adversarial retraining, are not only resource-intensive but also suffer from limited generalization, as they rely on training models with specific adversarial samples. Given the constantly evolving nature of adversarial attacks, it is impractical to train on all possible attack variations, leaving systems vulnerable to new and unforeseen threats. To address these limitations, this paper introduces Reactive Autoencoder Defense for Industrial Adversarial Network Threats (RADIANT), a novel IDS that mitigates adversarial threats without relying on retraining. By reconstructing input data and analyzing three distinct reconstruction errors, RADIANT effectively reduces the impact of adversarial perturbations. To evaluate RADIANT’s performance, we used a comprehensive assessment framework that compared it against state-of-the-art defenses and undefended baseline classifiers on real-world ICS data. The evaluation included advanced adversarial attacks, such as HopSkipJump and Zeroth-Order Optimization (ZOO), conducted under gray-box conditions. During ZOO attacks, RADIANT achieved an F1 score of 85.9%, significantly outperforming the baseline classifier’s 17.1% and demonstrating its robustness against adversarial threats. Similarly, under HopSkipJump attacks, RADIANT maintained a strong F1 score of 91.4%, far exceeding the baseline’s 20.5%. Additionally, when compared to state-of-the-art proactive defenses based on adversarial training, RADIANT consistently delivered a superior balance of precision, recall, and overall robustness, all without the need for adversarial retraining. These results highlight RADIANT’s practicality and effectiveness, offering reliable protection for ICS while addressing the increasing sophistication of AML attacks.
求助全文
约1分钟内获得全文 求助全文
来源期刊
Computers & Security
Computers & Security 工程技术-计算机:信息系统
CiteScore
12.40
自引率
7.10%
发文量
365
审稿时长
10.7 months
期刊介绍: Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信