Abstract
Whilst machine learning has been widely adopted for various domains, it is important to consider how such techniques may be susceptible to malicious users through adversarial attacks. Given a trained classifier, a malicious attack may attempt to craft a data observation whereby the data features purposefully trigger the classifier to yield incorrect responses. This has been observed in various image classification tasks, including falsifying road sign detection and facial recognition, which could have severe consequences in real-world deployment. In this work, we investigate how these attacks could impact on network traffic analysis, and how a system could perform misclassification of common network attacks such as DDoS attacks. Using the CICIDS2017 data, we examine how vulnerable the data features used for intrusion detection are to perturbation attacks using FGSM adversarial examples. As a result, our method provides a defensive approach for assessing feature robustness that seeks to balance between classification accuracy whilst minimising the attack surface of the feature space.
| Original language | English |
|---|---|
| Title of host publication | 2021 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA) |
| Publisher | IEEE |
| Number of pages | 8 |
| ISBN (Electronic) | 9781665425292 |
| ISBN (Print) | 9781665430920 |
| DOIs | |
| Publication status | Published - 12 Jul 2021 |
| Event | 2021 International Conference on Cyber Situational Awareness, Data Analytics and Assessment - Virtual Duration: 14 Jun 2021 → 18 Jun 2021 |
Conference
| Conference | 2021 International Conference on Cyber Situational Awareness, Data Analytics and Assessment |
|---|---|
| Abbreviated title | CyberSA 2021 |
| Period | 14/06/21 → 18/06/21 |
Keywords
- adversarial learning
- machine learning
- network traffic analysis