Towards Adversarial Realism and Robust Learning for IoT Intrusion Detection and Classification

Bibliographic Details
Main Author: Vitorino, João
Publication Date: 2023
Other Authors: Praça, Isabel, Maia, Eva
Format: Article
Language: eng
Source: Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
Download full: http://hdl.handle.net/10400.22/23450
Summary: The internet of things (IoT) faces tremendous security challenges. Machine learning models can be used to tackle the growing number of cyber-attack variations targeting IoT systems, but the increasing threat posed by adversarial attacks restates the need for reliable defense strategies. This work describes the types of constraints required for a realistic adversarial cyber-attack example and proposes a methodology for a trustworthy adversarial robustness analysis with a realistic adversarial evasion attack vector. The proposed methodology was used to evaluate three supervised algorithms, random forest (RF), extreme gradient boosting (XGB), and light gradient boosting machine (LGBM), and one unsupervised algorithm, isolation forest (IFOR). Constrained adversarial examples were generated with the adaptative perturbation pattern method (A2PM), and evasion attacks were performed against models created with regular and adversarial training. Even though RF was the least affected in binary classification, XGB consistently achieved the highest accuracy in multi-class classification. The obtained results evidence the inherent susceptibility of tree-based algorithms and ensembles to adversarial evasion attacks and demonstrate the benefits of adversarial training and a security-by-design approach for a more robust IoT network intrusion detection and cyber-attack classification.
id RCAP_abbe4635beb5bf8750676178e0c2f11a
oai_identifier_str oai:recipp.ipp.pt:10400.22/23450
network_acronym_str RCAP
network_name_str Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
repository_id_str https://opendoar.ac.uk/repository/7160
spelling Towards Adversarial Realism and Robust Learning for IoT Intrusion Detection and ClassificationAdversarial attacksAdversarial robustnessMachine learningTabular dataInternet of thingsIntrusion detectionThe internet of things (IoT) faces tremendous security challenges. Machine learning models can be used to tackle the growing number of cyber-attack variations targeting IoT systems, but the increasing threat posed by adversarial attacks restates the need for reliable defense strategies. This work describes the types of constraints required for a realistic adversarial cyber-attack example and proposes a methodology for a trustworthy adversarial robustness analysis with a realistic adversarial evasion attack vector. The proposed methodology was used to evaluate three supervised algorithms, random forest (RF), extreme gradient boosting (XGB), and light gradient boosting machine (LGBM), and one unsupervised algorithm, isolation forest (IFOR). Constrained adversarial examples were generated with the adaptative perturbation pattern method (A2PM), and evasion attacks were performed against models created with regular and adversarial training. Even though RF was the least affected in binary classification, XGB consistently achieved the highest accuracy in multi-class classification. The obtained results evidence the inherent susceptibility of tree-based algorithms and ensembles to adversarial evasion attacks and demonstrate the benefits of adversarial training and a security-by-design approach for a more robust IoT network intrusion detection and cyber-attack classification.SpringerREPOSITÓRIO P.PORTOVitorino, JoãoPraça, IsabelMaia, Eva2023-09-05T11:02:31Z20232023-01-01T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/articleapplication/pdfhttp://hdl.handle.net/10400.22/23450eng10.1007/s12243-023-00953-yinfo:eu-repo/semantics/openAccessreponame:Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)instname:FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologiainstacron:RCAAP2025-04-02T03:25:04Zoai:recipp.ipp.pt:10400.22/23450Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireinfo@rcaap.ptopendoar:https://opendoar.ac.uk/repository/71602025-05-29T00:55:05.883316Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) - FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologiafalse
dc.title.none.fl_str_mv Towards Adversarial Realism and Robust Learning for IoT Intrusion Detection and Classification
title Towards Adversarial Realism and Robust Learning for IoT Intrusion Detection and Classification
spellingShingle Towards Adversarial Realism and Robust Learning for IoT Intrusion Detection and Classification
Vitorino, João
Adversarial attacks
Adversarial robustness
Machine learning
Tabular data
Internet of things
Intrusion detection
title_short Towards Adversarial Realism and Robust Learning for IoT Intrusion Detection and Classification
title_full Towards Adversarial Realism and Robust Learning for IoT Intrusion Detection and Classification
title_fullStr Towards Adversarial Realism and Robust Learning for IoT Intrusion Detection and Classification
title_full_unstemmed Towards Adversarial Realism and Robust Learning for IoT Intrusion Detection and Classification
title_sort Towards Adversarial Realism and Robust Learning for IoT Intrusion Detection and Classification
author Vitorino, João
author_facet Vitorino, João
Praça, Isabel
Maia, Eva
author_role author
author2 Praça, Isabel
Maia, Eva
author2_role author
author
dc.contributor.none.fl_str_mv REPOSITÓRIO P.PORTO
dc.contributor.author.fl_str_mv Vitorino, João
Praça, Isabel
Maia, Eva
dc.subject.por.fl_str_mv Adversarial attacks
Adversarial robustness
Machine learning
Tabular data
Internet of things
Intrusion detection
topic Adversarial attacks
Adversarial robustness
Machine learning
Tabular data
Internet of things
Intrusion detection
description The internet of things (IoT) faces tremendous security challenges. Machine learning models can be used to tackle the growing number of cyber-attack variations targeting IoT systems, but the increasing threat posed by adversarial attacks restates the need for reliable defense strategies. This work describes the types of constraints required for a realistic adversarial cyber-attack example and proposes a methodology for a trustworthy adversarial robustness analysis with a realistic adversarial evasion attack vector. The proposed methodology was used to evaluate three supervised algorithms, random forest (RF), extreme gradient boosting (XGB), and light gradient boosting machine (LGBM), and one unsupervised algorithm, isolation forest (IFOR). Constrained adversarial examples were generated with the adaptative perturbation pattern method (A2PM), and evasion attacks were performed against models created with regular and adversarial training. Even though RF was the least affected in binary classification, XGB consistently achieved the highest accuracy in multi-class classification. The obtained results evidence the inherent susceptibility of tree-based algorithms and ensembles to adversarial evasion attacks and demonstrate the benefits of adversarial training and a security-by-design approach for a more robust IoT network intrusion detection and cyber-attack classification.
publishDate 2023
dc.date.none.fl_str_mv 2023-09-05T11:02:31Z
2023
2023-01-01T00:00:00Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/article
format article
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/10400.22/23450
url http://hdl.handle.net/10400.22/23450
dc.language.iso.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv 10.1007/s12243-023-00953-y
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv Springer
publisher.none.fl_str_mv Springer
dc.source.none.fl_str_mv reponame:Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
instname:FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
instacron:RCAAP
instname_str FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
instacron_str RCAAP
institution RCAAP
reponame_str Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
collection Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
repository.name.fl_str_mv Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) - FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
repository.mail.fl_str_mv info@rcaap.pt
_version_ 1833600756053180416

Similar Items