Adversarial Machine Learning Applied to Intrusion and Malware Scenarios: A Systematic Review

Martins, Nuno; Cruz, José Magalhães; Cruz, Tiago; Abreu, Pedro Henriques

doi:10.1109/access.2020.2974752

Cited by 139 publications

(56 citation statements)

References 42 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…ML-NIDS are gaining popularity [11,30], with the typical consequence that real attackers are turning their attention to the vulnerabilities of some ML components. This paper considers the so called adversarial attacks against ML-NIDS [62,92], and does not make any assumption on the specific ML-algorithm, nor on the analyzed data type of the ML-NIDS.…”

Section: Analysis and Classificationmentioning

confidence: 99%

See 1 more Smart Citation

Modeling Realistic Adversarial Attacks against Network Intrusion Detection Systems

et al. 2022

View full text Add to dashboard Cite

The incremental diffusion of machine learning algorithms in supporting cybersecurity is creating novel defensive opportunities but also new types of risks. Multiple researches have shown that machine learning methods are vulnerable to adversarial attacks that create tiny perturbations aimed at decreasing the effectiveness of detecting threats. We observe that existing literature assumes threat models that are inappropriate for realistic cybersecurity scenarios because they consider opponents with complete knowledge about the cyber detector or that can freely interact with the target systems. By focusing on Network Intrusion Detection Systems based on machine learning methods, we identify and model the real capabilities and circumstances that are necessary for an attacker to carry out a feasible and successful adversarial attack. We then apply our model to several adversarial attacks proposed in literature and highlight the limits and merits that can result in actual adversarial attacks. The contributions of this paper can help hardening defensive systems by letting cyber defenders address the most critical and real issues, and can benefit researchers by allowing them to devise novel forms of adversarial attacks based on realistic threat models.

show abstract

Section: Analysis and Classificationmentioning

confidence: 99%

“…By leveraging such information it is possible to understand the decision boundaries of the ML model and to craft specific samples that thwart the detection mechanism. These attacks are also known as white-box attacks [62].…”

Section: Adversarial Attacks Against Machine Learningmentioning

confidence: 99%

Modeling Realistic Adversarial Attacks against Network Intrusion Detection Systems

et al. 2022

View full text Add to dashboard Cite

show abstract

“…Lastly, evasion has also been a major topic among the researchers and practitioners conjugating ML with cybersecurity. As an example, the survey [31] focused on the malware evading ML-based detection techniques. It explored the adversarial attacks and the applications of adversarial ML for malware detection.…”

Section: Surveys On Machine Learning Applicationsmentioning

confidence: 99%

“…• limited interest in information hiding: as shown, only one recent work dealt with information hiding (specifically, in the context of mobile devices). As modern mal- [23] x x x x x [16] x x x x x [24] x x [22] x x fileless [31] x adversarial ML [17] x tools [25] x AI [14] x x x evasion, tools [34] x x x evasion [18] x x evasion [21] x x APT [28] x x cybersecurity [19] x evasion [26] x x x x [27] x x cybersecurity [36] x x x visualisation [30] x x [11] x x behavior analysis, visualisation [12] x analysis [37] x x [33] x x x evasion [29] x x x [15] x x x x x [20] x x stealth malware [32] x x x C&C communication [35] x x x OS openness [38] x x [39] x visualisation ware is increasingly exploiting some form of steganography, information hiding and obfuscation to launch attacks or exfiltrate data [42], [43], this consolidated trend should be taken into account. • lack of sufficient coverage of new threats: despite the vivacity of the topic, many works continue to focus on the "legacy" hazards, e.g., phishing.…”

Section: Contributions and Survey Architecturementioning

confidence: 99%

Tight Arms Race: Overview of Current Malware Threats and Trends in Their Detection

Caviglione

Choraś

Corona³

et al. 2021

IEEE Access

View full text Add to dashboard Cite

“…self-driving car) by proposing a possible attack to misclassify signs on the road. Several studies also have represented that AEs can be generated and utilized for disturbing malware detection [95], [96] and intrusion detection [97], [98]; the forensic investigators should be aware of data injection crime. If perpetrators have permission to modify or delete some training data, they can perform fatal attacks to AI system; it is the data modification crime.…”

Section: ) Training System Attackmentioning

confidence: 99%

Artificial Intelligence Security Threat, Crime, and Forensics: Taxonomy and Open Issues

Jeong

2020

IEEE Access

View full text Add to dashboard Cite

Advances in Artificial Intelligence (AI) have influenced almost every field including computer science, robotics, social engineering, psychology, criminology and so on. Although AI has solved various challenges, potential security threats of AI algorithms and training data have been stressed by AI researchers. As AI system inherits security threats of traditional computer system, the concern about novel cyberattack enhanced by AI is also growing. In addition, AI is deeply connected to physical space (e.g. autonomous vehicle, intelligent virtual assistant), so AI-related crime can harm people physically, beyond the cyberspace. In this context, we represent a literature review of security threats and AI-related crime. Based on the literature review, this article defines the term AI crime and classifies AI crime into 2 categories: AI as tool crime and AI as target crime, inspired by a taxonomy of cybercrime: Computer as tool crime and Computer as tool crime. Through the proposed taxonomy, foreseeable AI crimes are systematically studied and related forensic techniques are also addressed. We also analyze the characteristics of the AI crimes and present challenges that are difficult to be solved with the traditional forensic techniques. Finally, open issues are presented, with emphasis on the need to establish novel strategies for AI forensics.

show abstract

Adversarial Machine Learning Applied to Intrusion and Malware Scenarios: A Systematic Review

Cited by 139 publications

References 42 publications

Modeling Realistic Adversarial Attacks against Network Intrusion Detection Systems

Modeling Realistic Adversarial Attacks against Network Intrusion Detection Systems

Tight Arms Race: Overview of Current Malware Threats and Trends in Their Detection

Artificial Intelligence Security Threat, Crime, and Forensics: Taxonomy and Open Issues

Contact Info

Product

Resources

About