Intrusion detection systems vulnerability on adversarial examples

Warzyński, Arkadiusz; Kołaczek, Grzegorz

doi:10.1109/inista.2018.8466271

Cited by 42 publications

(30 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Network Intrusion Detection Systems, NIDS, are used to detect malicious traffic in a computer network. The subject can be divided into two types, signature based detection and anomaly based detection [10], [11]. Signature based NIDS follow a static set of signatures and patterns to detect already known attacks.…”

Section: Network Intrusion Detection Systemmentioning

confidence: 99%

See 1 more Smart Citation

Detection of Abnormalities in Real-Time Computer Network Traffic Empowered by Machine Learning

2021

IJATCSE

View full text Add to dashboard Cite

This research discloses how to utilize machine learning methods for anomaly detection in real-time on a computer network. While utilizing machine learning for this task is definitely not a novel idea, little literature is about the matter of doing it in real-time. Most machine learning research in PC network anomaly detection depends on the KDD '99 data set and means to demonstrate the proficiency of the algorithms introduced. The emphasis on this data set has caused a lack of scientific papers disclosing how to assemble network data, remove features, and train algorithms for use inreal-time networks. It has been contended that utilizing the KDD '99 dataset for anomaly detection is not appropriate for real-time network systems. This research proposes how the data gathering procedure will be possible utilizing a dummy network and generating synthetic network traffic by analyzing the importance of One-class SVM. As the efficiency of k-means clustering and LTSM neural networks is lower than one-class SVM, that is why this research uses the results of existing research of LSTM and k-means clustering for the comparison with reported outcomes of a similar algorithm on the KDD '99 dataset. Precisely, without engaging KDD ’99 data set by using synthetic network traffic, this research achieved the higher accuracy as compared to the previous researches.

show abstract

Section: Network Intrusion Detection Systemmentioning

confidence: 99%

“…A dynamic piece of computer security is knowing whether a system has been or is being altered. These systems are called intrusion detection systems and are made to alleviate the dangers of system failure and misuse [1]. Network intrusion detection systems can be isolated into anomaly-based systems and signature-based systems.…”

Section: Introductionmentioning

confidence: 99%

Detection of Abnormalities in Real-Time Computer Network Traffic Empowered by Machine Learning

2021

IJATCSE

View full text Add to dashboard Cite

show abstract

“…However, the NSL-KDD dataset that was used was generated over a decade ago and may not represent the type of network attack traffic that would be expected in today's IoT networks. Warzynski et al [10] also evaluated the NSL-KDD dataset by training a FNN to classify the network packets, and then tested the resilience of their model to adversarial examples. The dataset used in their experiment may not represent a typical IoT network traffic.…”

Section: Related Workmentioning

confidence: 99%

Analyzing Adversarial Attacks against Deep Learning for Intrusion Detection in IoT Networks

Ibitoye

Shafiq

Matrawy

2019

2019 IEEE Global Communications Conference (GLOBECOM)

178

View full text Add to dashboard Cite

Adversarial attacks have been widely studied in the field of computer vision but their impact on network security applications remains an area of open research. As IoT, 5G and AI continue to converge to realize the promise of the fourth industrial revolution (Industry 4.0), security incidents and events on IoT networks have increased. Deep learning techniques are being applied to detect and mitigate many of such security threats against IoT networks. Feedforward Neural Networks (FNN) have been widely used for classifying intrusion attacks in IoT networks. In this paper, we consider a variant of the FNN known as the Self-normalizing Neural Network (SNN) and compare its performance with the FNN for classifying intrusion attacks in an IoT network. Our analysis is performed using the BoT-IoT dataset from the Cyber Range Lab of the center of UNSW Canberra Cyber. In our experimental results, the FNN outperforms the SNN for intrusion detection in IoT networks based on multiple performance metrics such as accuracy, precision, and recall as well as multi-classification metrics such as Cohen Cappas score. However, when tested for adversarial robustness, the SNN demonstrates better resilience against the adversarial samples from the IoT dataset, presenting a promising future in the quest for safer and more secure deep learning in IoT networks.

show abstract

“…To resolve this issue, several approaches [7]- [11] have been proposed for the intrusion detection methods used by IDS, based on traffic analysis and anomalies. Anomalous traffic is identified based on recognition patterns [12]. These patterns can be set manually or automatically by a Honeypot type system [13], [14] or by machine learning algorithms [15], [16].…”

Section: Introductionmentioning

confidence: 99%

Intrusion Detection System Based on Fast Hierarchical Deep Convolutional Neural Network

et al. 2021

View full text Add to dashboard Cite

This work is supported by the Academy of Finland: (a) ee-IoT n.319009, (b) EnergyNet n.321265/n.328869 and (c) FIREMAN n.326270/CHIST-ERA-17-BDSI-003, and the Brazilian National Council for Scientific and Technological Development (CNPq). We would like to thank Hanna Niemelä for helping to proofread this paper.ABSTRACT Currently, with the increasing number of devices connected to the Internet, search for network vulnerabilities to attackers has increased, and protection systems have become indispensable. There are prevalent security attacks, such as the Distributed Denial of Service (DDoS), which have been causing significant damage to companies. However, through security attacks, it is possible to extract characteristics that identify the type of attack. Thus, it is essential to have fast and effective security identification models. In this work, a novel Intrusion Detection System (IDS) based on the Tree-CNN hierarchical algorithm with the Soft-Root-Sign (SRS) activation function is proposed. The model reduces the training time of the generated model for detecting DDoS, Infiltration, Brute Force, and Web attacks. For performance assessment, the model is implemented in a medium-sized company, analyzing the level of complexity of the proposed solution. Experimental results demonstrate that the proposed hierarchical model achieves a significant reduction in execution time, around 36%, and an average detection accuracy of 0.98 considering all the analyzed attacks. Therefore, the results of performance evaluation show that the proposed classifier based on Tree-CNN is of low complexity and requires less processing time and computational resources, outperforming other current IDS based on machine learning algorithms.

show abstract

Intrusion detection systems vulnerability on adversarial examples

Cited by 42 publications

References 4 publications

Detection of Abnormalities in Real-Time Computer Network Traffic Empowered by Machine Learning

Detection of Abnormalities in Real-Time Computer Network Traffic Empowered by Machine Learning

Analyzing Adversarial Attacks against Deep Learning for Intrusion Detection in IoT Networks

Intrusion Detection System Based on Fast Hierarchical Deep Convolutional Neural Network

Contact Info

Product

Resources

About