Functionality-preserving adversarial machine learning for robust classification in cybersecurity and intrusion detection domains: a survey

Andrew McCarthy*, Essam Ghadafi, Panagiotis Andriotis, Phil Legg*

*Corresponding author for this work

Research output: Contribution to journal, Article, peer-review

Abstract

Machine learning has become widely adopted as a strategy for dealing with a variety of cybersecurity issues, ranging from insider threat detection to intrusion and malware detection. However, by their very nature, machine learning systems can introduce vulnerabilities to a security defence whereby a learnt model is unaware of so-called adversarial examples that may intentionally result in mis-classification and therefore bypass a system. Adversarial machine learning has been a research topic for over a decade and is now an accepted but open problem. Much of the early research on adversarial examples has addressed issues related to computer vision, yet as machine learning continues to be adopted in other domains, then likewise it is important to assess the potential vulnerabilities that may occur. A key part of transferring to new domains relates to functionality-preservation, such that any crafted attack can still execute the original intended functionality when inspected by a human and/or a machine. In this literature survey, our main objective is to address the domain of adversarial machine learning attacks and examine the robustness of machine learning models in the cybersecurity and intrusion detection domains. We identify the key trends in current work observed in the literature, and explore how these relate to the research challenges that remain open for future works. Inclusion criteria were: articles related to functionality-preservation in adversarial machine learning for cybersecurity or intrusion detection with insight into robust classification. Generally, we excluded works that are not yet peer-reviewed; however, we included some significant papers that make a clear contribution to the domain. There is a risk of subjective bias in the selection of non-peer reviewed articles; however, this was mitigated by co-author review. 
We selected the following databases with a sizeable computer science element to search and retrieve literature: IEEE Xplore, ACM Digital Library, ScienceDirect, Scopus, SpringerLink, and Google Scholar. The literature search was conducted up to January 2022. We have striven to ensure a comprehensive coverage of the domain to the best of our knowledge. We have performed systematic searches of the literature, noting our search terms and results, and following up on all materials that appear relevant and fit within the topic domains of this review. This research was funded by the Partnership PhD scheme at the University of the West of England in collaboration with Techmodal Ltd.
Original language: English
Pages (from-to): 154-190
Number of pages: 37
Journal: Journal of Cybersecurity and Privacy
Volume: 2
Issue number: 1
Publication status: Published - 17 Mar 2022

Keywords

  • cybersecurity
  • adversarial machine learning
  • machine learning
  • intrusion detection
  • functionality-preservation
