TY - GEN
T1 - Detect & Reject for Transferability of Black-Box Adversarial Attacks Against Network Intrusion Detection Systems
AU - Debicha, Islam
AU - Debatty, Thibault
AU - Dricot, Jean-Michel
AU - Mees, Wim
AU - Kenaza, Tayeb
N1 - Publisher Copyright:
© 2021, Springer Nature Singapore Pte Ltd.
PY - 2021
Y1 - 2021
N2 - In the last decade, the use of machine learning techniques in anomaly-based intrusion detection systems has seen much success. However, recent studies have shown that machine learning in general and deep learning specifically are vulnerable to adversarial attacks where the attacker attempts to fool models by supplying deceptive input. Research in computer vision, where this vulnerability was first discovered, has shown that adversarial images designed to fool a specific model can deceive other machine learning models. In this paper, we investigate the transferability of adversarial network traffic against multiple machine learning-based intrusion detection systems. Furthermore, we analyze the robustness of the ensemble intrusion detection system, which is notorious for its better accuracy compared to a single model, against the transferability of adversarial attacks. Finally, we examine Detect & Reject as a defensive mechanism to limit the effect of the transferability property of adversarial network traffic against machine learning-based intrusion detection systems.
KW - Adversarial attacks
KW - Black-box settings
KW - Intrusion detection
KW - Machine learning
KW - Transferability
UR - http://www.scopus.com/inward/record.url?scp=85121900769&partnerID=8YFLogxK
U2 - 10.1007/978-981-16-8059-5_20
DO - 10.1007/978-981-16-8059-5_20
M3 - Conference contribution
AN - SCOPUS:85121900769
SN - 9789811680588
T3 - Communications in Computer and Information Science
SP - 329
EP - 339
BT - Advances in Cyber Security - 3rd International Conference, ACeS 2021, Revised Selected Papers
A2 - Abdullah, Nibras
A2 - Manickam, Selvakumar
A2 - Anbar, Mohammed
PB - Springer Science and Business Media Deutschland GmbH
T2 - 3rd International Conference on Advances in Cyber Security, ACeS 2021
Y2 - 24 August 2021 through 25 August 2021
ER -