TY - JOUR
T1 - TAD
T2 - Transfer learning-based multi-adversarial detection of evasion attacks against network intrusion detection systems
AU - Debicha, Islam
AU - Bauwens, Richard
AU - Debatty, Thibault
AU - Dricot, Jean Michel
AU - Kenaza, Tayeb
AU - Mees, Wim
N1 - Publisher Copyright:
© 2022 Elsevier B.V.
PY - 2023/1
Y1 - 2023/1
N2 - Nowadays, intrusion detection systems based on deep learning deliver state-of-the-art performance. However, recent research has shown that specially crafted perturbations, called adversarial examples, are capable of significantly reducing the performance of these intrusion detection systems. The objective of this paper is to design an efficient transfer learning-based adversarial detector and then to assess the effectiveness of using multiple strategically placed adversarial detectors compared to a single adversarial detector for intrusion detection systems. In our experiments, we implement existing state-of-the-art models for intrusion detection. We then attack those models with a set of chosen evasion attacks. In an attempt to detect those adversarial attacks, we design and implement multiple transfer learning-based adversarial detectors, each receiving a subset of the information passed through the IDS. By combining their respective decisions, we illustrate that combining multiple detectors can further improve the detectability of adversarial traffic compared to a single detector in the case of a parallel IDS design.
AB - Nowadays, intrusion detection systems based on deep learning deliver state-of-the-art performance. However, recent research has shown that specially crafted perturbations, called adversarial examples, are capable of significantly reducing the performance of these intrusion detection systems. The objective of this paper is to design an efficient transfer learning-based adversarial detector and then to assess the effectiveness of using multiple strategically placed adversarial detectors compared to a single adversarial detector for intrusion detection systems. In our experiments, we implement existing state-of-the-art models for intrusion detection. We then attack those models with a set of chosen evasion attacks. In an attempt to detect those adversarial attacks, we design and implement multiple transfer learning-based adversarial detectors, each receiving a subset of the information passed through the IDS. By combining their respective decisions, we illustrate that combining multiple detectors can further improve the detectability of adversarial traffic compared to a single detector in the case of a parallel IDS design.
KW - Adversarial detection
KW - Data fusion
KW - Evasion attacks
KW - Intrusion detection system
KW - Machine learning
KW - Transfer learning
UR - http://www.scopus.com/inward/record.url?scp=85137049011&partnerID=8YFLogxK
U2 - 10.1016/j.future.2022.08.011
DO - 10.1016/j.future.2022.08.011
M3 - Article
AN - SCOPUS:85137049011
SN - 0167-739X
VL - 138
SP - 185
EP - 197
JO - Future Generation Computer Systems
JF - Future Generation Computer Systems
ER -