English

Rallying Adversarial Techniques against Deep Learning for Network Security

Cryptography and Security 2021-10-26 v2 Machine Learning

Abstract

Recent advances in artificial intelligence and the increasing need for powerful defensive measures in the domain of network security, have led to the adoption of deep learning approaches for use in network intrusion detection systems. These methods have achieved superior performance against conventional network attacks, which enable the deployment of practical security systems to unique and dynamic sectors. Adversarial machine learning, unfortunately, has recently shown that deep learning models are inherently vulnerable to adversarial modifications on their input data. Because of this susceptibility, the deep learning models deployed to power a network defense could in fact be the weakest entry point for compromising a network system. In this paper, we show that by modifying on average as little as 1.38 of the input features, an adversary can generate malicious inputs which effectively fool a deep learning based NIDS. Therefore, when designing such systems, it is crucial to consider the performance from not only the conventional network security perspective but also the adversarial machine learning domain.

Keywords

Cite

@article{arxiv.1903.11688,
  title  = {Rallying Adversarial Techniques against Deep Learning for Network Security},
  author = {Joseph Clements and Yuzhe Yang and Ankur Sharma and Hongxin Hu and Yingjie Lao},
  journal= {arXiv preprint arXiv:1903.11688},
  year   = {2021}
}

Comments

accepted by IEEE Symposium Series on Computational Intelligence (IEEE SSCI 2021)

R2 v1 2026-06-23T08:21:31.310Z