Adversarial Machine Learning Methods in the Detection of Anomalies in Computer Networks
Abstract
With the use of intrusion detection systems and the need to improve their classifications and performance, the present work aims to study classifiers using machine learning and, in particular, adversarial methods. This study’s main contribution is the validation of the benefit of Adversarial Machine Learning Methods in the detection of anomalies in computer networks. For this, experiments with several classifiers are carried out on a set of data with different attacks through experiments with altered samples to observe the classifiers’ behavior. We can observe that the results were promising, consistent with other similar studies, indicating the best classifier and the best metric for each type of attack, the best metric for evaluating the results, and the most relevant parameters for correcting the labeled classifications incorrectly. Therefore, the adversarial methods, based on modified samples to correct erroneous classifications, may be adequate to improve classification methods based on artificial intelligence. The F1-Score metric achieved for each attack category was 0.99 for DoS, 0.99 for Probe, 0.95 for R2L, and 0.65 for U2R, considering the NSL-KDD data set.
References
Goebel, M. and Gruenwald, L. (1999). A survey of data mining and knowledge discovery software tools. SIGKDD Explor. Newsl., 1(1):20–33.
Kuchipudi, B., Nannapaneni, R. T., and Liao, Q. (2020). Adversarial machine learning for spam lters. In ACM International Conference Proceeding Series, pages 1–6, New York, NY, USA. Association for Computing Machinery.
Laskov, P. and Lippmann, R. (2010). Machine learning in adversarial environments.
Marino, D. L., Wickramasinghe, C. S., and Manic, M. (2018). An adversarial approach for explainable ai in intrusion detection systems. In IECON 2018 44th Annual Conference of the IEEE Industrial Electronics Society, pages 3237–3243.
Sapre, S., Ahmadi, P., and Islam, K. (2019). A Robust Comparison of the KDDCup99 and NSL-KDD Intrusion Detection Datasets by Utilizing Principle Component Analysis and Evaluating the Performance of Various Machine Learning Algorithms:. Journal of Student-Scientists’ Research, 1.
Sharma, P., Austin, D., and Liu, H. (2019). Attacks on Machine Learning: Adversarial Examples in Connected and Autonomous Vehicles. In 2019 IEEE International Symposium on Technologies for Homeland Security, HST 2019. Institute of Electrical and Electronics Engineers Inc.
Silva, L., Silva, A., Filho, A. F., and Filho, A. B. (2019). Estudo comparativo de métodos de aprendizagem de máquina aplicados em sistemas de detecção de intrusão. In Anais da VII Escola Regional de Computação do Ceará, Maranhão e Piauí, pages 135–142, Porto Alegre, RS, Brasil. SBC.
Tanenbaum, A. S. and Wetherall, D. J. (2021). Computer Networks, Global Edition. Pearson Education, 6th edition.
Usama, M., Qayyum, A., Qadir, J., and Al-Fuqaha, A. (2019). Black-box adversarial machine learning attack on network trafc classication. In 2019 15th International Wireless Communications and Mobile Computing Conference, IWCMC 2019, pages 84–89. Institute of Electrical and Electronics Engineers Inc.
Wenke Lee, Stolfo, S. J., and Mok, K. W. (1999). A data mining framework for building intrusion detection models. In Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344), pages 120–132.
