A Novel Deep Learning based Model to Defend Network Intrusion Detection System against Adversarial Attacks
This addresses the problem of securing cyberspace against adversarial evasion for cybersecurity practitioners, but it is incremental as it applies known defense methods to a specific domain.
The paper tackles the vulnerability of deep learning-based Network Intrusion Detection Systems (NIDS) to adversarial attacks by implementing four attack methods (FGSM, JSMA, PGD, C&W) and using adversarial training as a defense, resulting in improved robustness as measured by performance metrics like f1-score and accuracy on the CICIDS-2017 dataset.
Network Intrusion Detection System (NIDS) is an essential tool in securing cyberspace from a variety of security risks and unknown cyberattacks. A number of solutions have been implemented for Machine Learning (ML), and Deep Learning (DL) based NIDS. However, all these solutions are vulnerable to adversarial attacks, in which the malicious actor tries to evade or fool the model by injecting adversarial perturbed examples into the system. The main aim of this research work is to study powerful adversarial attack algorithms and their defence method on DL-based NIDS. Fast Gradient Sign Method (FGSM), Jacobian Saliency Map Attack (JSMA), Projected Gradient Descent (PGD) and Carlini & Wagner (C&W) are four powerful adversarial attack methods implemented against the NIDS. As a defence method, Adversarial Training is used to increase the robustness of the NIDS model. The results are summarized in three phases, i.e., 1) before the adversarial attack, 2) after the adversarial attack, and 3) after the adversarial defence. The Canadian Institute for Cybersecurity Intrusion Detection System 2017 (CICIDS-2017) dataset is used for evaluation purposes with various performance measurements like f1-score, accuracy etc.