Investigating on the robustness of flow-based intrusion detection system against adversarial samples using Generative Adversarial Networks

Abstract

Recently, Software Defined Networking (SDN) has emerged as the key technology in programming and orchestrating security policy in the security operations centers (SOCs) for heterogeneous networks. Typically, machine learning-based intrusion detection systems (ML-IDS) have been deployed and associated with SDN to leverage the features of a programmable network to defend against sophisticated cyberattacks in anomaly detection. Unfortunately, such ML-based IDSs are easily vulnerable to adversarial attacks due to the lack of diverse forms of malicious records in the training dataset. The missing data sample in the training phase can lead to a lower detection rate in real-world scenarios with adversarial settings. In this paper, we explore the ability of Wasserstein Generative Adversarial Networks with Gradient Penalty (WGAN-GP), WGAN-GP with two timescale update rule (WGAN-GP TTUR), and AdvGAN in generating perturbed attack samples to bypass attack detectors. Then, this approach is used to continuously evaluate the robustness of ML-based IDSs and then upgrade them as a service in SDN. The experimental results on CICIDS2018 and InSDN datasets demonstrate that generated adversarial samples can be used to fool targeted IDS. Later, those created samples can supplement the original ones in retraining IDS to improve the resilience of the attack detector.