Abstract

Machine learning based Intrusion Detection Systems (IDS) allow flexible and efficient automated detection of cyberattacks in Internet of Things (IoT) networks. However, this has also created an additional attack vector: the machine learning models which support the IDS's decisions may themselves be subject to cyberattacks known as Adversarial Machine Learning (AML). In the context of IoT, AML can be used to manipulate data and network traffic that traverse such devices. These perturbations increase the confusion in the decision boundaries of the machine learning classifier, so that malicious network packets are often misclassified as benign. Consequently, such packets bypass machine learning based detectors, which increases the potential for significantly delayed attack detection and for further consequences such as personal information leakage, damaged hardware, and financial loss. Given the impact that these attacks may have, this paper proposes a rule-based approach towards generating AML attack samples and explores how they can be used to target a range of supervised machine learning classifiers used for detecting Denial of Service attacks in an IoT smart home network. The analysis explores which DoS packet features to perturb and how such adversarial samples can support increasing the robustness of supervised models using adversarial training. The results demonstrated that the performance of all the top performing classifiers was affected, decreasing by a maximum of 47.2 percentage points when adversarial samples were present. Their performance improved following adversarial training, demonstrating their robustness towards such attacks.

Highlights

  • This is the author’s version of a work that was submitted to / accepted for publication

  • Given the impact that these attacks may have, this paper proposes a rule-based approach towards generating Adversarial Machine Learning (AML) attack samples and explores how they can be used to target a range of supervised machine learning classifiers used for detecting Denial of Service attacks in an Internet of Things (IoT) smart home network

  • The experiments presented in this paper focus on hardening Denial of Service (DoS) defences against AML


Summary

Related work

Due to the advancement in machine learning, there has been a substantial increase in IDSs which use such techniques for IoT networks. Grosse et al. (2017) evaluated the robustness of a neural network trained on the DREBIN Android malware dataset. They reported that the model misclassified the perturbed inputs in the training set. In the context of IoT, there exist only a handful of investigations into AML attacks, the majority of which focus on machine learning detection methods for malware. Zizzo et al. (2019) showcase a simple AML attack against an LSTM classifier which was applied on an ICS dataset. This attack required the manual identification of features that needed to be perturbed in order to generate adversarial samples. In the context of IoT, AML has been used to target IoT software, Android applications, and sensor metric data, and has yet to address the subject of how AML may affect supervised machine learning-based IDSs trained on IoT network traffic data. There has yet to be an investigation into how to defend such IDSs against AML attacks.

Attacking a supervised machine learning detector
Dataset
Adversarial machine learning
Adversarial attack types
An attacker’s motive
Attacker model
Adversarial sample generation methods
Generating adversarial samples
Feature selection
Model training
Generating perturbed samples
Evaluating the model on adversarial samples
Defending against adversarial machine learning
Limitations and Future
Findings
Declaration of Competing Interest
