ASNM Datasets: A Collection of Network Traffic Features for Testing of Adversarial Classifiers and Network Intrusion Detectors

10/23/2019
by   Ivan Homoliak, et al.
0

In this paper, we present three datasets that have been built from network traffic traces using ASNM features, designed in our previous work. The first dataset was built using a state-of-the-art dataset called CDX 2009, while the remaining two datasets were collected by us in 2015 and 2018, respectively. These two datasets contain several adversarial obfuscation techniques that were applied onto malicious as well as legitimate traffic samples during the execution of particular TCP network connections. Adversarial obfuscation techniques were used for evading machine learning-based network intrusion detection classifiers. Further, we showed that the performance of such classifiers can be improved when partially augmenting their training data by samples obtained from obfuscation techniques. In detail, we utilized tunneling obfuscation in HTTP(S) protocol and non-payload-based obfuscations modifying various properties of network traffic by, e.g., TCP segmentation, re-transmissions, corrupting and reordering of packets, etc. To the best of our knowledge, this is the first collection of network traffic metadata that contains adversarial techniques and is intended for non-payload-based network intrusion detection and adversarial classification. Provided datasets enable testing of the evasion resistance of arbitrary classifier that is using ASNM features.

READ FULL TEXT
research
06/21/2022

Using EBGAN for Anomaly Intrusion Detection

As an active network security protection scheme, intrusion detection sys...
research
05/07/2018

Improving Network Intrusion Detection Classifiers by Non-payload-Based Exploit-Independent Obfuscations: An Adversarial Approach

Machine-learning based intrusion detection classifiers are able to detec...
research
10/27/2022

TAD: Transfer Learning-based Multi-Adversarial Detection of Evasion Attacks against Network Intrusion Detection Systems

Nowadays, intrusion detection systems based on deep learning deliver sta...
research
12/20/2019

Explainability and Adversarial Robustness for RNNs

Recurrent Neural Networks (RNNs) yield attractive properties for constru...
research
09/03/2023

Multidomain transformer-based deep learning for early detection of network intrusion

Timely response of Network Intrusion Detection Systems (NIDS) is constra...
research
11/12/2020

Traffic Generation using Containerization for Machine Learning

The design and evaluation of data-driven network intrusion detection met...
research
11/28/2018

An Adversarial Approach for Explainable AI in Intrusion Detection Systems

Despite the growing popularity of modern machine learning techniques (e....

Please sign up or login with your details

Forgot password? Click here to reset