Adversarial Machine Learning Attacks against Intrusion Detection Systems: A Survey on Strategies and Defense

Alotaibi, Afnan; Rassam, Murad A.

doi:10.3390/fi15020062

Cited by 48 publications

(19 citation statements)

References 75 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The objective is to overwhelm the resources of the target, causing disruption and making services inaccessible to authorized users. DDoS attacks are challenging to mitigate because they exploit the distributed nature of the assault, making it difficult to trace and block the multitude of sources simultaneously [22]. Attackers leverage diverse techniques, including amplification, reflection, and application-layer exploits, to maximize the impact.…”

Section: Ddosmentioning

confidence: 99%

A hybrid deep learning approach for enhanced network intrusion detection

Prabu,

Sudhakar

2024

IJEECS

View full text Add to dashboard Cite

The contemporary era places paramount importance on network security and cloud environments, driven by increased data transmission demands, the flexibility of cloud services, and the prevalence of global resources. Addressing the escalating threat of computer malware, the development of efficient intrusion detection systems (IDS) is imperative. This research focuses on the challenges posed by imbalanced datasets and the necessity for unsupervised learning to enhance network security. The proposed hybrid deep learning method utilizes raw data from the CSE-CIC-IDS-2018 dataset, integrating imbalanced and unsupervised learning techniques. After preprocessing and normalization, feature extraction through principal component analysis (PCA) reduces dimensionality from seventy-eight fields to ten essential features. Clustering, employing the density-based spatial clustering of applications with noise (DBSCAN) algorithm optimized with particle swarm optimization (PSO), is applied to the extracted features, distinguishing between attack and non-attack packets. Addressing dataset imbalances, imbalanced learning techniques are employed, and unsupervised learning is exemplified through the AutoEncoder (AE) algorithm. The attack cluster’s data is input into AE, a deep learning-based approach, yielding outputs for attack classification. The proposed technique (PCA+DBSCANPSO+AE) achieves an impressive 99.19% accuracy in intrusion detection, surpassing contemporary methodologies and five existing techniques. This research not only enhances accuracy but also addresses imbalanced learning challenges, utilizing the power of unsupervised learning for robust network security.

show abstract

Section: Ddosmentioning

confidence: 99%

A hybrid deep learning approach for enhanced network intrusion detection

Prabu,

Sudhakar

2024

IJEECS

View full text Add to dashboard Cite

show abstract

“…Based on recognized attack patterns, WAFs examine incoming tra c and apply predetermined rules to deny or permit requests. [22] • Attackers can use zeroday assaults or evasion strategies to get around WAFs.…”

Section: Web Application Firewallsmentioning

confidence: 99%

Augmenting SQL Injection Attack Detection via Deep Convolutional Neural Network

Sneha,

Singh

2024

Preprint

View full text Add to dashboard Cite

Advancing the systematic methods or algorithms is necessary because SQL injection attacks can be hazardous for the security of databases and various web applications. SQL injection can be a destructive security risks which targets vulnerable web applications. There were many techniques which was previously developed which is also known as traditional methods or techniques. Those techniques used to generally rely on the signature-based methods which struggle to adjust into new attack patterns. Therefore, different new techniques were introduced with integration of machine learning. SQL injection attack detection with the blend of machine learning facilitates improvement in cybersecurity providing the scalable and the proficient defense mechanism against the developing cyber-attack. This research paper provides a potential technique to the danger of SQL injection which is based on Machine Learning i.e. Deep Convolutional Neural Network (DCNN). The proposed model was trained on the large datasets which includes genuine as well as malicious SQL queries for assuring its ability to adapt different types of evolving attacks. We have used embedding layers and tokenization techniques for demonstrating SQL queries as numerical input for the model. It is made up of many convolutional layers and fully linked layers which is able to illustrate the complex patterns and the complex correlation that can be observed in SQL queries. Our approach to detect a SQL injection attack utilizing a DCNN illustrates the remarkable accuracy, precision, recall as well as F1 score. Additionally, we also had a look at the significances of using deep learning techniques in real-world scenarios along with the existing web application and the framework.

show abstract

“…Attack Severity Classification is a critical concept in cybersecurity that refers to the process of categorizing attacks based on their severity. This concept is essential for organizations to develop appropriate responses and strategies to prevent or mitigate attacks [6]. Attack severity classification helps organizations to understand the potential impact of an attack, including its scope, duration, and level of damage.…”

Section: Attack Severity Classificationmentioning

confidence: 99%

“…1, April 2023, pp. 01-10 ISSN 2776-8007 2 risks and vulnerabilities present in a network, enabling organizations to take a more targeted and effective approach to cybersecurity [6].…”

Section: Introductionmentioning

confidence: 99%

Using Information Technology to Quantitatively Evaluate and Prevent Cybersecurity Threats in a Hierarchical Manner

Mai¹

2023

Int. J. Appl. Inf. Manag.

View full text Add to dashboard Cite

The vulnerability of traditional network security technology in the face of rapid advancements in information technology and the constant changes in network security. As a result, hackers can easily exploit loopholes in traditional security measures, such as cracking cryptographic algorithms, and stealing sensitive user information and data, which has led to a crisis of trust in recent years. To ensure safe and effective operation of massive data on the network, this article presents a quantitative assessment of the network's threat situation. The assessment is divided into two parts: support evaluation and credibility evaluation. These parts are further broken down into three levels of evaluation and severity evaluation. The article also provides a list of network security-related precautions that can be taken to mitigate potential risks. The experimental results show that implementing these hierarchical security measures can improve the security rate of Internet users' information by 4%-5%. Overall, the article highlights the importance of adopting more advanced and sophisticated security measures to combat the increasingly complex threats posed by cybercriminals.

show abstract

Adversarial Machine Learning Attacks against Intrusion Detection Systems: A Survey on Strategies and Defense

Cited by 48 publications

References 75 publications

A hybrid deep learning approach for enhanced network intrusion detection

A hybrid deep learning approach for enhanced network intrusion detection

Augmenting SQL Injection Attack Detection via Deep Convolutional Neural Network

Using Information Technology to Quantitatively Evaluate and Prevent Cybersecurity Threats in a Hierarchical Manner

Contact Info

Product

Resources

About