Enhancing Robustness Against Adversarial Examples in Network Intrusion Detection Systems

by   Mohammad J. Hashemi, et al.

The increase of cyber attacks in both the numbers and varieties in recent years demands to build a more sophisticated network intrusion detection system (NIDS). These NIDS perform better when they can monitor all the traffic traversing through the network like when being deployed on a Software-Defined Network (SDN). Because of the inability to detect zero-day attacks, signature-based NIDS which were traditionally used for detecting malicious traffic are beginning to get replaced by anomaly-based NIDS built on neural networks. However, recently it has been shown that such NIDS have their own drawback namely being vulnerable to the adversarial example attack. Moreover, they were mostly evaluated on the old datasets which don't represent the variety of attacks network systems might face these days. In this paper, we present Reconstruction from Partial Observation (RePO) as a new mechanism to build an NIDS with the help of denoising autoencoders capable of detecting different types of network attacks in a low false alert setting with an enhanced robustness against adversarial example attack. Our evaluation conducted on a dataset with a variety of network attacks shows denoising autoencoders can improve detection of malicious traffic by up to 29 normal setting and by up to 45 recently proposed anomaly detectors.



There are no comments yet.


page 1

page 6


IDSGAN: Generative Adversarial Networks for Attack Generation against Intrusion Detection

As an important tool in security, the intrusion detection system bears t...

Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection

Neural networks have become an increasingly popular solution for network...

Unsupervised Abnormal Traffic Detection through Topological Flow Analysis

Cyberthreats are a permanent concern in our modern technological world. ...

SynGAN: Towards Generating Synthetic Network Attacks using GANs

The rapid digital transformation without security considerations has res...

Robustness of ML-Enhanced IDS to Stealthy Adversaries

Intrusion Detection Systems (IDS) enhanced with Machine Learning (ML) ha...

Detection of cybersecurity attacks through analysis of web browsing activities using principal component analysis

Organizations such as government departments and financial institutions ...

Towards Identifying Human Actions, Intent, and Severity of APT Attacks Applying Deception Techniques – An Experiment

Attacks by Advanced Persistent Threats (APTs) have been shown to be diff...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.