IRIS

Machine Learning (ML) has proven to be effective in many application domains. However, ML methods can be vulnerable to adversarial attacks, in which an attacker tries to fool the classification/prediction mechanism by crafting the input data. In the case of ML-based Network Intrusion Detection Systems (NIDSs), the attacker might use their knowledge of the intrusion detection logic to generate malicious traffic that remains undetected. One way to solve this issue is to adopt adversarial training, in which the training set is augmented with adversarial traffic samples. This paper presents an adversarial training approach called GADoT, which leverages a Generative Adversarial Network (GAN) to generate adversarial DDoS samples for training. We show that a state-of-the-art NIDS with high accuracy on popular datasets can experience more than 60% undetected malicious flows under adversarial attacks. We then demonstrate how this score drops to 1.8% or less after adversarial training using GADoT.

GADoT: GAN-based Adversarial Training for Robust DDoS Attack Detection / Abdelaty, Maged; Scott-Hayward, Sandra; Doriguzzi-Corin, Roberto; Siracusa, Domenico. - (2021), pp. 119-127. (Intervento presentato al convegno 2021 IEEE Conference on Communications and Network Security (CNS) tenutosi a Tempe, AZ, USA nel 4-6 October, 2021) [10.1109/CNS53000.2021.9705040].

GADoT: GAN-based Adversarial Training for Robust DDoS Attack Detection

Abdelaty, Maged;Siracusa, Domenico
2021-01-01

Abstract

Machine Learning (ML) has proven to be effective in many application domains. However, ML methods can be vulnerable to adversarial attacks, in which an attacker tries to fool the classification/prediction mechanism by crafting the input data. In the case of ML-based Network Intrusion Detection Systems (NIDSs), the attacker might use their knowledge of the intrusion detection logic to generate malicious traffic that remains undetected. One way to solve this issue is to adopt adversarial training, in which the training set is augmented with adversarial traffic samples. This paper presents an adversarial training approach called GADoT, which leverages a Generative Adversarial Network (GAN) to generate adversarial DDoS samples for training. We show that a state-of-the-art NIDS with high accuracy on popular datasets can experience more than 60% undetected malicious flows under adversarial attacks. We then demonstrate how this score drops to 1.8% or less after adversarial training using GADoT.
2021
2021 IEEE Conference on Communications and Network Security (CNS)
Piscataway, NJ USA
IEEE
978-1-6654-4496-5
2-s2.0-85125626711
WOS:000786954200020
Abdelaty, Maged; Scott-Hayward, Sandra; Doriguzzi-Corin, Roberto; Siracusa, Domenico
GADoT: GAN-based Adversarial Training for Robust DDoS Attack Detection / Abdelaty, Maged; Scott-Hayward, Sandra; Doriguzzi-Corin, Roberto; Siracusa, Domenico. - (2021), pp. 119-127. (Intervento presentato al convegno 2021 IEEE Conference on Communications and Network Security (CNS) tenutosi a Tempe, AZ, USA nel 4-6 October, 2021) [10.1109/CNS53000.2021.9705040].
File in questo prodotto:
File Dimensione Formato  
1570727442 stamped-e.pdf

Solo gestori archivio

Tipologia: Versione editoriale (Publisher’s layout)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 606.71 kB
Formato Adobe PDF
  Visualizza/Apri
606.71 kB Adobe PDF   Visualizza/Apri
1570727442_final.pdf

accesso aperto

Tipologia: Post-print referato (Refereed author’s manuscript)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 996.42 kB
Formato Adobe PDF
Visualizza/Apri
996.42 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/333734
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 5
  • ???jsp.display-item.citation.isi??? 3
social impact