IDSGAN: Generative Adversarial Networks for Attack Generation against Intrusion Detection

As an important tool in security, the intrusion detection system bears the responsibility of the defense to network attacks performed by malicious traffic. Nowadays, with the help of machine learning algorithms, the intrusion detection system develops rapidly. However, the robustness of this system is questionable when it faces the adversarial attacks. To improve the detection system, more potential attack approaches should be researched. In this paper, a framework of the generative adversarial networks, IDSGAN, is proposed to generate the adversarial attacks, which can deceive and evade the intrusion detection system. Considering that the internal structure of the detection system is unknown to attackers, adversarial attack examples perform the black-box attacks against the detection system. IDSGAN leverages a generator to transform original malicious traffic into adversarial malicious traffic. A discriminator classifies traffic examples and simulates the black-box detection system. More significantly, we only modify part of the attacks' nonfunctional features to guarantee the validity of the intrusion. Based on the dataset NSL-KDD, the feasibility of the model is demonstrated to attack many detection systems with different attacks and the excellent results are achieved. Moreover, the robustness of IDSGAN is verified by changing the amount of the unmodified features.

[1]  Lior Rokach,et al.  Low Resource Black-Box End-to-End Attack Against State of the Art API Call Based Malware Classifiers , 2018, ArXiv.

[2]  Yi-Hsuan Yang,et al.  MuseGAN: Multi-track Sequential Generative Adversarial Networks for Symbolic Music Generation and Accompaniment , 2017, AAAI.

[3]  Christian Ledig,et al.  Photo-Realistic Single Image Super-Resolution Using a Generative Adversarial Network , 2016, 2017 IEEE Conference on Computer Vision and Pattern Recognition (CVPR).

[4]  H. Anderson,et al.  Evading Machine Learning Malware Detection , 2017 .

[5]  Liang Hu,et al.  An improved intrusion detection framework based on Artificial Neural Networks , 2015, 2015 11th International Conference on Natural Computation (ICNC).

[6]  Ying Tan,et al.  Black-Box Attacks against RNN based Malware Detection Algorithms , 2017, AAAI Workshops.

[7]  Léon Bottou,et al.  Wasserstein GAN , 2017, ArXiv.

[8]  Salvatore J. Stolfo,et al.  A framework for constructing features and models for intrusion detection systems , 2000, TSEC.

[9]  Luca Antiga,et al.  Automatic differentiation in PyTorch , 2017 .

[10]  Abdullah Al-Dujaili,et al.  Adversarial Deep Learning for Robust Detection of Binary Encoded Malware , 2018, 2018 IEEE Security and Privacy Workshops (SPW).

[11]  Wei-Yang Lin,et al.  Intrusion detection by machine learning: A review , 2009, Expert Syst. Appl..

[12]  Jungwoo Lee,et al.  Generative Adversarial Trainer: Defense to Adversarial Perturbations with GAN , 2017, ArXiv.

[13]  Yun Chen,et al.  Dialogue Generation With GAN , 2018, AAAI.

[14]  Kai Huang,et al.  Intrusion Detection Using Convolutional Neural Networks for Representation Learning , 2017, ICONIP.

[15]  Bhavani M. Thuraisingham,et al.  Adversarial support vector machine learning , 2012, KDD.

[16]  Sung-Bae Cho,et al.  Malware Detection Using Deep Transferred Generative Adversarial Networks , 2017, ICONIP.

[17]  Yoshua Bengio,et al.  Generative Adversarial Nets , 2014, NIPS.

[18]  Patrick D. McDaniel,et al.  Adversarial Perturbations Against Deep Neural Networks for Malware Classification , 2016, ArXiv.

[19]  David Wagner,et al.  Adversarial Examples Are Not Easily Detected: Bypassing Ten Detection Methods , 2017, AISec@CCS.

[20]  Andrew J. Clark,et al.  Data preprocessing for anomaly based network intrusion detection: A review , 2011, Comput. Secur..

[21]  Ying Tan,et al.  Generating Adversarial Malware Examples for Black-Box Attacks Based on GAN , 2017, DMBD.

[22]  Zhi Xue,et al.  Character-Level Intrusion Detection Based On Convolutional Neural Networks , 2018, 2018 International Joint Conference on Neural Networks (IJCNN).

[23]  Lior Rokach,et al.  Generic Black-Box End-to-End Attack Against State of the Art API Call Based Malware Classifiers , 2017, RAID.