Adversarial Machine Learning Attacks on Multiclass Classification of IoT Network Traffic
Vasileios Pantelakis, Panagiotis Bountakas, Aristeidis Farao, Christos Xenakis
Abstract
Machine Learning-based Intrusion Detection Systems have been proven to be very effective in the protection of IoT Networks. However, the expansion of Adversarial Machine Learning attacks threatens their efficacy affecting also the security of IoT networks. Thus, this paper proposes a Machine Learning-driven methodology for multiclass classification of cyber-attacks in IoT networks and investigates the robustness of the Machine and Deep Learning classifiers against several well-known Adversarial Machine Learning attacks (JSMA, FGSM, DeepFool). Moreover, the effectiveness of the Adversarial Training defense method has been studied in tackling Adversarial Machine Learning attacks. The proposed methodology was evaluated using a new and large IoT dataset (IoTID20) and the experimental results concluded that the Random Forest classifier can classify the cyber-attacks with high classification accuracy (99.9%) as well as the JSMA, FGSM, and DeepFool attacks can significantly reduce the performance of all the classifiers. Finally, based on the evaluation adversarial training can overall enhance the classifiers’ robustness against all the utilized Adversarial Machine Learning attacks without affecting the performance when only normal samples are present.