一种针对rnn网络异常检测的投毒攻击方法

2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) Pub Date : 2020-12-01 DOI:10.1109/TrustCom50675.2020.00231

Jinghui Xu, Yu Wen, Chun Yang, Dan Meng

{"title":"一种针对rnn网络异常检测的投毒攻击方法","authors":"Jinghui Xu, Yu Wen, Chun Yang, Dan Meng","doi":"10.1109/TrustCom50675.2020.00231","DOIUrl":null,"url":null,"abstract":"In the face of the increasingly complex Internet environment, the traditional intrusion detection system is difficult to cope with the unknown variety of attacks. People hope to find reliable anomaly detection technology to help improve the security of cyberspace. The rapid development of artificial intelligence technology provides new development opportunities for anomaly detection technology, and the anomaly detection system based on deep learning performs well in some studies. However, neural networks are highly dependent on data quality, and a small number of poisoned samples injected into the data set will have a huge impact on the results. The online abnormal threat detection system based on deep learning is likely to be attacked by poisoning due to the need for continuous data collection and training. We propose a poisoning attack method using adversarial samples to resist the anomaly detection system based on an unsupervised deep neural network, which can destroy the neural network with as few samples as possible. We verified the effectiveness of poisoning attacks on the network security data set of los alamos national laboratory and further demonstrated its generality on other abnormal detection data set.","PeriodicalId":221956,"journal":{"name":"2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":"{\"title\":\"An Approach for Poisoning Attacks against RNN-Based Cyber Anomaly Detection\",\"authors\":\"Jinghui Xu, Yu Wen, Chun Yang, Dan Meng\",\"doi\":\"10.1109/TrustCom50675.2020.00231\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In the face of the increasingly complex Internet environment, the traditional intrusion detection system is difficult to cope with the unknown variety of attacks. People hope to find reliable anomaly detection technology to help improve the security of cyberspace. The rapid development of artificial intelligence technology provides new development opportunities for anomaly detection technology, and the anomaly detection system based on deep learning performs well in some studies. However, neural networks are highly dependent on data quality, and a small number of poisoned samples injected into the data set will have a huge impact on the results. The online abnormal threat detection system based on deep learning is likely to be attacked by poisoning due to the need for continuous data collection and training. We propose a poisoning attack method using adversarial samples to resist the anomaly detection system based on an unsupervised deep neural network, which can destroy the neural network with as few samples as possible. We verified the effectiveness of poisoning attacks on the network security data set of los alamos national laboratory and further demonstrated its generality on other abnormal detection data set.\",\"PeriodicalId\":221956,\"journal\":{\"name\":\"2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)\",\"volume\":\"30 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"8\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/TrustCom50675.2020.00231\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/TrustCom50675.2020.00231","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 8

摘要

面对日益复杂的互联网环境，传统的入侵检测系统难以应对各种未知的攻击。人们希望找到可靠的异常检测技术来帮助提高网络空间的安全性。人工智能技术的快速发展为异常检测技术提供了新的发展机遇，基于深度学习的异常检测系统在一些研究中表现良好。然而，神经网络高度依赖于数据质量，少量的有毒样本注入到数据集中会对结果产生巨大的影响。基于深度学习的在线异常威胁检测系统由于需要持续的数据采集和训练，极易受到中毒攻击。我们提出了一种利用对抗性样本来抵抗基于无监督深度神经网络的异常检测系统的投毒攻击方法，该方法可以用尽可能少的样本破坏神经网络。我们在los alamos国家实验室的网络安全数据集上验证了投毒攻击的有效性，并进一步证明了其在其他异常检测数据集上的通用性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

An Approach for Poisoning Attacks against RNN-Based Cyber Anomaly Detection

In the face of the increasingly complex Internet environment, the traditional intrusion detection system is difficult to cope with the unknown variety of attacks. People hope to find reliable anomaly detection technology to help improve the security of cyberspace. The rapid development of artificial intelligence technology provides new development opportunities for anomaly detection technology, and the anomaly detection system based on deep learning performs well in some studies. However, neural networks are highly dependent on data quality, and a small number of poisoned samples injected into the data set will have a huge impact on the results. The online abnormal threat detection system based on deep learning is likely to be attacked by poisoning due to the need for continuous data collection and training. We propose a poisoning attack method using adversarial samples to resist the anomaly detection system based on an unsupervised deep neural network, which can destroy the neural network with as few samples as possible. We verified the effectiveness of poisoning attacks on the network security data set of los alamos national laboratory and further demonstrated its generality on other abnormal detection data set.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)

自引率

0.00%

发文量