DIGFuPAS: Deceive IDS with GAN and function-preserving on adversarial samples in SDN-enabled networks

Duy, Phan The; Tien, Le Khac; Khoa, Nghi Hoang; Hien, Do Thi Thu; Nguyen, Anh Gia-Tuan; Pham, Van-Hau

doi:10.1016/j.cose.2021.102367

Cited by 31 publications

(11 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [74], the authors use conditional VAEs to detect network intrusions, using the labels in the training data as an extra input in the decoder to improve the accuracy. DIGFuPAS [75] aims to increase the ability of IDS against adversarial attacks by using a WGAN to repetitively retrain classifiers from crafted network traffic flow. ARIES [76] is a multilayered IDS that integrates unsupervised GAN with supervised decision tree and support vector machine (SVM).…”

Section: B Trust-boundary Protectionmentioning

confidence: 99%

Deep Generative Models in the Industrial Internet of Things: A Survey

Bermúdez-Edo

et al. 2022

IEEE Trans. Ind. Inf.

View full text Add to dashboard Cite

Advances in communication technologies and artificial intelligence are accelerating the paradigm of industrial Internet of Things (IIoT). With IIoT enabling continuous integration of sensors and controllers with the network, intelligent analysis of the generated Big Data is a critical requirement. Although IIoT is considered a subset of IoT, it has its own peculiarities in terms of higher levels of safety, security, and low-latency communication in an environment of critical real-time operations. Under these circumstances, discriminative deep learning (DL) algorithms are unsuitable due to their need for large amounts of labeled and balanced training data, uncertainty of inputs, etc. To overcome these issues, researchers have started using deep generative models (DGMs), which combine the flexibility of DL with the inference power of probabilistic modeling. In this article, we review the state of the art of DGMs and their applicability to IIoT, classifying the reviewed works into the IIoT application areas of anomaly detection, trust-boundary protection, network traffic prediction, and platform monitoring. Following an analysis of existing IIoT DGM implementations, we identify challenges (i.e., weak discriminative capability, insufficient interpretability, lack of generalization ability, generated data vulnerability, privacy concern, and data complexity) that need to be investigated in order to accelerate the adoption of DGMs in IIoT and also propose some potential research directions.

show abstract

Section: B Trust-boundary Protectionmentioning

confidence: 99%

Deep Generative Models in the Industrial Internet of Things: A Survey

Bermúdez-Edo

et al. 2022

IEEE Trans. Ind. Inf.

View full text Add to dashboard Cite

show abstract

“…Since Szegedy et al [15] discovered adversarial samples of artificial neural networks, more and more studies [16,17] have shown that machine learning models may be attacked during their training or prediction stages. The attack on the machine learning models can be divided into poisoning attacks and adversarial attacks according to the execution time [18].…”

Section: Related Workmentioning

confidence: 99%

VulnerGAN: a backdoor attack through vulnerability amplification against machine learning-based network intrusion detection systems

Liu

Zhang

et al. 2022

Sci. China Inf. Sci.

View full text Add to dashboard Cite

Machine learning-based network intrusion detection systems (ML-NIDS) are extensively used for network security against unknown attacks. Existing intrusion detection systems can effectively defend traditional network attacks, however, they face AI based threats. The current known AI attacks cannot balance the escape rate and attack effectiveness. In addition, the time cost of existing AI attacks is very high. In this paper, we propose a backdoor attack called VulnerGAN, which features high concealment, high aggressiveness, and high timeliness. The backdoor can make the specific attack traffic bypass the detection of ML-NIDS without affecting the performance of ML-NIDS in identifying other attack traffic. VulnerGAN uses generative adversarial networks (GAN) to calculate poisoning and adversarial samples based on machine learning model vulnerabilities. It can make traditional network attack traffic escape black-box online ML-NIDS. At the same time, model extraction and fuzzing test are used to enhance the convergence of VulnerGAN. Compared with the state-of-the-art algorithms, the VulnerGAN backdoor attack increases 33.28% in concealment, 18.48% in aggressiveness, and 46.32% in timeliness.

show abstract

“…At the same time, the malicious activity must not be compromised. For this reason, several researchers have proposed functionality preservation by modifying only the non-functionality preserving features using GANs [5], [7], [8]. However, various research works claim to preserve the malicious functionality of the generated samples using deep reinforcement learning.…”

Section: F Semantics/functionality Preservationmentioning

confidence: 99%

“…Third, it consumes additional time for retraining. Several GAN-based research works preserve the functionality of the generated samples by manipulating only non-functional features [5]- [7]. So, GANs do not play a role in generating a complete feature vector in those works.…”

mentioning

confidence: 99%

Deep Reinforcement Learning based Evasion Generative Adversarial Network for Botnet Detection

Randhawa¹,

Aslam²,

Alauthman³

et al. 2022

Preprint

View full text Add to dashboard Cite

Botnet detectors based on machine learning are potential targets for adversarial evasion attacks. Several research works employ adversarial training with samples generated from generative adversarial nets (GANs) to make the botnet detectors adept at recognising adversarial evasions. However, the synthetic evasions may not follow the original semantics of the input samples. This paper proposes a novel GAN model leveraged with deep reinforcement learning (DRL) to explore semantic aware samples and simultaneously harden its detection. A DRL agent is used to attack the discriminator of the GAN that acts as a botnet detector. The discriminator is trained on the crafted perturbations by the agent during the GAN training, which helps the GAN generator converge earlier than the case without DRL. We name this model RELEVAGAN, i.e. ["relive a GAN" or deep REinforcement Learning-based Evasion Generative Adversarial Network] because, with the help of DRL, it minimises the GAN's job by letting its generator explore the evasion samples within the semantic limits. During the GAN training, the attacks are conducted to adjust the discriminator weights for learning crafted perturbations by the agent. RELEVAGAN does not require adversarial training for the ML classifiers since it can act as an adversarial semantic-aware botnet detection model. Code will be available at https://github.com/rhr407/RELEVAGAN.

show abstract

DIGFuPAS: Deceive IDS with GAN and function-preserving on adversarial samples in SDN-enabled networks

Cited by 31 publications

References 16 publications

Deep Generative Models in the Industrial Internet of Things: A Survey

Deep Generative Models in the Industrial Internet of Things: A Survey

VulnerGAN: a backdoor attack through vulnerability amplification against machine learning-based network intrusion detection systems

Deep Reinforcement Learning based Evasion Generative Adversarial Network for Botnet Detection

Contact Info

Product

Resources

About