Adaptative Perturbation Patterns: Realistic Adversarial Learning for Robust Intrusion Detection
| Autor(a) principal: | |
|---|---|
| Data de Publicação: | 2022 |
| Outros Autores: | , |
| Tipo de documento: | Artigo |
| Idioma: | eng |
| Título da fonte: | Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
| Texto Completo: | http://hdl.handle.net/10400.22/21851 |
Resumo: | Adversarial attacks pose a major threat to machine learning and to the systems that rely on it. In the cybersecurity domain, adversarial cyber-attack examples capable of evading detection are especially concerning. Nonetheless, an example generated for a domain with tabular data must be realistic within that domain. This work establishes the fundamental constraint levels required to achieve realism and introduces the Adaptative Perturbation Pattern Method (A2PM) to fulfill these constraints in a gray-box setting. A2PM relies on pattern sequences that are independently adapted to the characteristics of each class to create valid and coherent data perturbations. The proposed method was evaluated in a cybersecurity case study with two scenarios: Enterprise and Internet of Things (IoT) networks. Multilayer Perceptron (MLP) and Random Forest (RF) classifiers were created with regular and adversarial training, using the CIC-IDS2017 and IoT-23 datasets. In each scenario, targeted and untargeted attacks were performed against the classifiers, and the generated examples were compared with the original network traffic flows to assess their realism. The obtained results demonstrate that A2PM provides a scalable generation of realistic adversarial examples, which can be advantageous for both adversarial training and attacks. |
| id |
RCAP_db2b1bc91df8dcf0917f1653d8c69a5c |
|---|---|
| oai_identifier_str |
oai:recipp.ipp.pt:10400.22/21851 |
| network_acronym_str |
RCAP |
| network_name_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
| repository_id_str |
7160 |
| spelling |
Adaptative Perturbation Patterns: Realistic Adversarial Learning for Robust Intrusion DetectionRealistic adversarial examplesAdversarial attacksAdversarial robustnessMachine learningTabular dataIntrusion detectionAdversarial attacks pose a major threat to machine learning and to the systems that rely on it. In the cybersecurity domain, adversarial cyber-attack examples capable of evading detection are especially concerning. Nonetheless, an example generated for a domain with tabular data must be realistic within that domain. This work establishes the fundamental constraint levels required to achieve realism and introduces the Adaptative Perturbation Pattern Method (A2PM) to fulfill these constraints in a gray-box setting. A2PM relies on pattern sequences that are independently adapted to the characteristics of each class to create valid and coherent data perturbations. The proposed method was evaluated in a cybersecurity case study with two scenarios: Enterprise and Internet of Things (IoT) networks. Multilayer Perceptron (MLP) and Random Forest (RF) classifiers were created with regular and adversarial training, using the CIC-IDS2017 and IoT-23 datasets. In each scenario, targeted and untargeted attacks were performed against the classifiers, and the generated examples were compared with the original network traffic flows to assess their realism. The obtained results demonstrate that A2PM provides a scalable generation of realistic adversarial examples, which can be advantageous for both adversarial training and attacks.The present work has received funding from the European Union’s Horizon 2020 research and innovation program, under project SeCoIIA (grant agreement no. 871967). This work has also received funding from UIDP/00760/2020.MDPIRepositório Científico do Instituto Politécnico do PortoVitorino, JoãoOliveira, NunoPraça, Isabel2023-01-25T11:37:47Z2022-03-082022-03-08T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/articleapplication/pdfhttp://hdl.handle.net/10400.22/21851eng10.3390/fi14040108info:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2023-03-13T13:18:11Zoai:recipp.ipp.pt:10400.22/21851Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-19T17:41:56.196191Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse |
| dc.title.none.fl_str_mv |
Adaptative Perturbation Patterns: Realistic Adversarial Learning for Robust Intrusion Detection |
| title |
Adaptative Perturbation Patterns: Realistic Adversarial Learning for Robust Intrusion Detection |
| spellingShingle |
Adaptative Perturbation Patterns: Realistic Adversarial Learning for Robust Intrusion Detection Vitorino, João Realistic adversarial examples Adversarial attacks Adversarial robustness Machine learning Tabular data Intrusion detection |
| title_short |
Adaptative Perturbation Patterns: Realistic Adversarial Learning for Robust Intrusion Detection |
| title_full |
Adaptative Perturbation Patterns: Realistic Adversarial Learning for Robust Intrusion Detection |
| title_fullStr |
Adaptative Perturbation Patterns: Realistic Adversarial Learning for Robust Intrusion Detection |
| title_full_unstemmed |
Adaptative Perturbation Patterns: Realistic Adversarial Learning for Robust Intrusion Detection |
| title_sort |
Adaptative Perturbation Patterns: Realistic Adversarial Learning for Robust Intrusion Detection |
| author |
Vitorino, João |
| author_facet |
Vitorino, João Oliveira, Nuno Praça, Isabel |
| author_role |
author |
| author2 |
Oliveira, Nuno Praça, Isabel |
| author2_role |
author author |
| dc.contributor.none.fl_str_mv |
Repositório Científico do Instituto Politécnico do Porto |
| dc.contributor.author.fl_str_mv |
Vitorino, João Oliveira, Nuno Praça, Isabel |
| dc.subject.por.fl_str_mv |
Realistic adversarial examples Adversarial attacks Adversarial robustness Machine learning Tabular data Intrusion detection |
| topic |
Realistic adversarial examples Adversarial attacks Adversarial robustness Machine learning Tabular data Intrusion detection |
| description |
Adversarial attacks pose a major threat to machine learning and to the systems that rely on it. In the cybersecurity domain, adversarial cyber-attack examples capable of evading detection are especially concerning. Nonetheless, an example generated for a domain with tabular data must be realistic within that domain. This work establishes the fundamental constraint levels required to achieve realism and introduces the Adaptative Perturbation Pattern Method (A2PM) to fulfill these constraints in a gray-box setting. A2PM relies on pattern sequences that are independently adapted to the characteristics of each class to create valid and coherent data perturbations. The proposed method was evaluated in a cybersecurity case study with two scenarios: Enterprise and Internet of Things (IoT) networks. Multilayer Perceptron (MLP) and Random Forest (RF) classifiers were created with regular and adversarial training, using the CIC-IDS2017 and IoT-23 datasets. In each scenario, targeted and untargeted attacks were performed against the classifiers, and the generated examples were compared with the original network traffic flows to assess their realism. The obtained results demonstrate that A2PM provides a scalable generation of realistic adversarial examples, which can be advantageous for both adversarial training and attacks. |
| publishDate |
2022 |
| dc.date.none.fl_str_mv |
2022-03-08 2022-03-08T00:00:00Z 2023-01-25T11:37:47Z |
| dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
| dc.type.driver.fl_str_mv |
info:eu-repo/semantics/article |
| format |
article |
| status_str |
publishedVersion |
| dc.identifier.uri.fl_str_mv |
http://hdl.handle.net/10400.22/21851 |
| url |
http://hdl.handle.net/10400.22/21851 |
| dc.language.iso.fl_str_mv |
eng |
| language |
eng |
| dc.relation.none.fl_str_mv |
10.3390/fi14040108 |
| dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
| eu_rights_str_mv |
openAccess |
| dc.format.none.fl_str_mv |
application/pdf |
| dc.publisher.none.fl_str_mv |
MDPI |
| publisher.none.fl_str_mv |
MDPI |
| dc.source.none.fl_str_mv |
reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação instacron:RCAAP |
| instname_str |
Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
| instacron_str |
RCAAP |
| institution |
RCAAP |
| reponame_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
| collection |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
| repository.name.fl_str_mv |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
| repository.mail.fl_str_mv |
|
| _version_ |
1799131506149425152 |