مقاله انگلیسی تقویت سیستم دفاعی انکار سرویس (DoS) در برابر حملات خصمانه
Abstract
Keywords
Introduction
Related work
Attacking a supervised machine learning detector
Adversarial machine learning
Generating adversarial samples
Evaluating the model on adversarial samples
Defending against adversarial machine learning
Conclusion
Limitations and Future Work
CRediT authorship contribution statement
Declaration of Competing Interest
Acknowledgements
Appendix A. Supplementary materials
Research Data
References
abstract
Machine learning based Intrusion Detection Systems (IDS) allow flexible and efficient automated detection of cyberattacks in Internet of Things (IoT) networks. However, this has also created an additional attack vector; the machine learning models which support the IDS’s decisions may also be subject to cyberattacks known as Adversarial Machine Learning (AML). In the context of IoT, AML can be used to manipulate data and network traffic that traverse through such devices. These perturbations increase the confusion in the decision boundaries of the machine learning classifier, where malicious network packets are often miss-classified as being benign. Consequently, such errors are bypassed by machine learning based detectors, which increases the potential of significantly delaying attack detection and further consequences such as personal information leakage, damaged hardware, and financial loss. Given the impact that these attacks may have,this paper proposes a rule-based approach towards generating AML attack samples and explores how they can be used to target a range of supervised machine learning classifiers used for detecting Denial of Service attacks in an IoT smart home network. The analysis explores which DoS packet features to perturb and how such adversarial samples can support increasing the robustness of supervised models using adversarial training. The results demonstrated that the performance of all the top performing classifiers were affected, decreasing a maximum of 47.2 percentage points when adversarial samples were present. Their performances improved following adversarial training, demonstrating their robustness towards such attacks.
Introduction
The proliferation in Internet of Things (IoT) devices, which routinely collect sensitive information, is demonstrated by their prominence in our daily lives. Although such devices simplify and automate everyday tasks, they also introduce tremendous security flaws. Current insufficient security mea-sures employed to defend smart devices make IoT the ‘weakest’ link to breaking into a secure infrastructure, and therefore an attractive target to attackers. As the number of IoT devices increases exponentially (Gubbi et al., 2013), the number of unknown vulnerabilities and threats also increases, resulting in perimeter defences becoming weaker. Intrusion Detection Systems (IDSs) have emerged as successful attack detection and identification methods in IoT networks. In particular, due to the rapid increase in the development of IoT devices, their heterogeneity, and the amount of data that is produced from such technologies, machine learning techniques have been integrated to support IDSs in IoT networks to defend against a greater array of attacks (e.g. Amouri et al., 2018; Anthi et al., 2018; Doshi et al., 2018; McDermott et al., 2018; Meidan et al., 2018; Shukla, 2017).