Litcius/Paper detail

A Case Study with CICIDS2017 on the Robustness of Machine Learning against Adversarial Attacks in Intrusion Detection

Marta Catillo, Andrea Del Vecchio, Antonio Pecchia, Umberto Villano

202313 citationsDOIOpen Access PDF

Abstract

Intrusion detection systems (IDS) play a key role to assure security properties of modern computer networks. IDS are often based on machine and deep learning techniques; as such, IDS are vulnerable to various forms of adversarial attacks. This paper presents an initial case study on the robustness of machine learning for network intrusion detection against adversarial attacks. Experiments are based on a recent fix of the widely-used CICIDS2017 benchmark dataset, two well-known machine learning techniques for intrusion detection (i.e., deep autoencoders and decision trees), and the virtual adversarial method (VAM) to generate the adversarial examples. Based on the data and experiments at hand, the results provide many interesting findings on the robustness of the IDS models assessed. The autoencoder-based IDS is more robust to evasion rather than overstimulation. On the contrary, the decision tree is vulnerable to evasion; moreover, changes to the learning parameters can strongly affect the robustness of the decision tree against the VAM attack.

Topics & Concepts

Robustness (evolution)Adversarial systemComputer scienceIntrusion detection systemDecision treeMachine learningArtificial intelligenceAutoencoderAdversarial machine learningEvasion (ethics)Deep learningIntrusionData miningGeneBiochemistryGeochemistryImmune systemGeologyBiologyChemistryImmunologyNetwork Security and Intrusion DetectionAdvanced Malware Detection TechniquesAnomaly Detection Techniques and Applications
A Case Study with CICIDS2017 on the Robustness of Machine Learning against Adversarial Attacks in Intrusion Detection | Litcius