Robustness of Machine Learning-Based Intrusion Detection Systems Against Adversarial Attacks in Cyber-Physical Systems

  • Antonio Carlos C. da Silva Júnior UFU
  • Silvio E. Quincozes UNIPAMPA
  • Renan G. Cattelan UFU
  • Rodrigo S. Miani UFU

Abstract


Cyber-physical systems are integral to various technological ecosystems, enabling interactions between computing systems, communication networks, and physical processes. Machine learning algorithms are employed to train anomaly-based Intrusion Detection Systems (IDS) to secure these ecosystems. However, they remain vulnerable to adversarial attacks, where training and testing data can be manipulated to degrade performance. This paper evaluates machine learning algorithms in anomaly-based IDSs under adversarial attacks using two datasets from the power system context. The results indicate that ensemble algorithms excelled against JSMA attacks, while single classifiers performed better against FGSM attacks, with Decision Tree and Random Forest being the top performers in their respective groups.
Keywords: intrusion detection systems, machine learning, adversarial attacks, cyber-physical systems

Published
17/11/2024
SILVA JÚNIOR, Antonio Carlos C. da; QUINCOZES, Silvio E.; CATTELAN, Renan G.; MIANI, Rodrigo S. Robustness of Machine Learning-Based Intrusion Detection Systems Against Adversarial Attacks in Cyber-Physical Systems. In: ENCONTRO NACIONAL DE INTELIGÊNCIA ARTIFICIAL E COMPUTACIONAL (ENIAC), 21., 2024, Belém/PA. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2024. p. 227-238. ISSN 2763-9061. DOI: https://doi.org/10.5753/eniac.2024.245249.