Adaptative Perturbation Patterns: Realistic Adversarial Learning for Robust Intrusion Detection

Bibliographic Details
Main Author: Vitorino, João
Publication Date: 2022
Other Authors: Oliveira, Nuno; Praça, Isabel
Format: Article
Language: eng
Source: Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
Download full: http://hdl.handle.net/10400.22/21851
Summary: Adversarial attacks pose a major threat to machine learning and to the systems that rely on it. In the cybersecurity domain, adversarial cyber-attack examples capable of evading detection are especially concerning. Nonetheless, an example generated for a domain with tabular data must be realistic within that domain. This work establishes the fundamental constraint levels required to achieve realism and introduces the Adaptative Perturbation Pattern Method (A2PM) to fulfill these constraints in a gray-box setting. A2PM relies on pattern sequences that are independently adapted to the characteristics of each class to create valid and coherent data perturbations. The proposed method was evaluated in a cybersecurity case study with two scenarios: Enterprise and Internet of Things (IoT) networks. Multilayer Perceptron (MLP) and Random Forest (RF) classifiers were created with regular and adversarial training, using the CIC-IDS2017 and IoT-23 datasets. In each scenario, targeted and untargeted attacks were performed against the classifiers, and the generated examples were compared with the original network traffic flows to assess their realism. The obtained results demonstrate that A2PM provides a scalable generation of realistic adversarial examples, which can be advantageous for both adversarial training and attacks.
id RCAP_db2b1bc91df8dcf0917f1653d8c69a5c
oai_identifier_str oai:recipp.ipp.pt:10400.22/21851
network_acronym_str RCAP
network_name_str Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
repository_id_str https://opendoar.ac.uk/repository/7160
dc.contributor.none.fl_str_mv REPOSITÓRIO P.PORTO
dc.contributor.author.fl_str_mv Vitorino, João
Oliveira, Nuno
Praça, Isabel
dc.subject.por.fl_str_mv Realistic adversarial examples
Adversarial attacks
Adversarial robustness
Machine learning
Tabular data
Intrusion detection
publishDate 2022
dc.date.none.fl_str_mv 2022-03-08
2022-03-08T00:00:00Z
2023-01-25T11:37:47Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/article
format article
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/10400.22/21851
url http://hdl.handle.net/10400.22/21851
dc.language.iso.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv 10.3390/fi14040108
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv MDPI
publisher.none.fl_str_mv MDPI
dc.source.none.fl_str_mv reponame:Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
instname:FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
instacron:RCAAP
instname_str FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
instacron_str RCAAP
institution RCAAP
reponame_str Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
collection Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
repository.name.fl_str_mv Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) - FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
repository.mail.fl_str_mv info@rcaap.pt
_version_ 1833600694241722368