Verifying the robustness of machine learning based intrusion detection against adversarial perturbation

Ehsan Nowroozi; Rahim Taheri; Mehrdad  Hajizadeh; Thomas  Bauschert

doi:10.1109/CSR61664.2024.10679401

Verifying the robustness of machine learning based intrusion detection against adversarial perturbation

Ehsan Nowroozi^*, Rahim Taheri, Mehrdad Hajizadeh, Thomas Bauschert

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

46 Downloads (Pure)

Abstract

Neural networks (NNs) have been extensively adapted to various security tasks, such as spam detection, phishing, and intrusion detection. Particularly in IDS, NNs face significant vulnerabilities to adversarial attacks, where the adversary attempts to exploit the fragilities within machine-learning (ML) models. This study introduces a novel approach using interval-bound propagation (IBP) to formally verify and enhance the resilience of both shallow and deep NNs. We also investigated the effectiveness of various activation functions using benchmark IDS datasets. Our findings show that ReLu and Leaky-ReLu functions enhance resistance in shallow networks, whereas Tanh functions perform better in deep networks. We provide certified accuracies for models subjected to various input perturbations ranging from 0.0001 to 0.9, marking a significant advancement in verifying the security of NNs.

Original language	English
Title of host publication	2024 IEEE International Conference on Cyber Security and Resilience (CSR)
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	9-15
Number of pages	6
ISBN (Electronic)	9798350375367
ISBN (Print)	9798350375374
DOIs	https://doi.org/10.1109/CSR61664.2024.10679401
Publication status	Published - 24 Sept 2024
Event	2024 IEEE International Conference on Cyber Security and Resilience - Hilton London Tower Bridge, London, United Kingdom Duration: 2 Sept 2024 → 4 Sept 2024 https://www.ieee-csr.org

Conference

Conference	2024 IEEE International Conference on Cyber Security and Resilience
Abbreviated title	2024 IEEE CSR
Country/Territory	United Kingdom
City	London
Period	2/09/24 → 4/09/24
Internet address	https://www.ieee-csr.org

Keywords

Cybersecurity
Neural Network Security
Adversarial Robustness
Intrusion Detection System
Formal Verification
Robustness
Deep Learning

Access to Document

10.1109/CSR61664.2024.10679401

Verifying the robustness of machine learning based intrusion detection against adversarial perturbation
© © 2024 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Accepted author manuscript (Post-print), 1.46 MB

Cite this

@inproceedings{aa34c6b0e5e9469b855bba8c550a5ad0,

title = "Verifying the robustness of machine learning based intrusion detection against adversarial perturbation",

abstract = "Neural networks (NNs) have been extensively adapted to various security tasks, such as spam detection, phishing, and intrusion detection. Particularly in IDS, NNs face significant vulnerabilities to adversarial attacks, where the adversary attempts to exploit the fragilities within machine-learning (ML) models. This study introduces a novel approach using interval-bound propagation (IBP) to formally verify and enhance the resilience of both shallow and deep NNs. We also investigated the effectiveness of various activation functions using benchmark IDS datasets. Our findings show that ReLu and Leaky-ReLu functions enhance resistance in shallow networks, whereas Tanh functions perform better in deep networks. We provide certified accuracies for models subjected to various input perturbations ranging from 0.0001 to 0.9, marking a significant advancement in verifying the security of NNs.",

keywords = "Cybersecurity, Neural Network Security, Adversarial Robustness, Intrusion Detection System, Formal Verification, Robustness, Deep Learning",

author = "Ehsan Nowroozi and Rahim Taheri and Mehrdad Hajizadeh and Thomas Bauschert",

note = "No ISSN; 2024 IEEE International Conference on Cyber Security and Resilience, 2024 IEEE CSR ; Conference date: 02-09-2024 Through 04-09-2024",

year = "2024",

month = sep,

day = "24",

doi = "10.1109/CSR61664.2024.10679401",

language = "English",

isbn = "9798350375374",

pages = "9--15",

booktitle = "2024 IEEE International Conference on Cyber Security and Resilience (CSR)",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

address = "United States",

url = "https://www.ieee-csr.org",

}

Nowroozi, E, Taheri, R, Hajizadeh, M & Bauschert, T 2024, Verifying the robustness of machine learning based intrusion detection against adversarial perturbation. in 2024 IEEE International Conference on Cyber Security and Resilience (CSR). Institute of Electrical and Electronics Engineers Inc., pp. 9-15, 2024 IEEE International Conference on Cyber Security and Resilience, London, United Kingdom, 2/09/24. https://doi.org/10.1109/CSR61664.2024.10679401

Verifying the robustness of machine learning based intrusion detection against adversarial perturbation. / Nowroozi, Ehsan; Taheri, Rahim; Hajizadeh, Mehrdad et al.
2024 IEEE International Conference on Cyber Security and Resilience (CSR). Institute of Electrical and Electronics Engineers Inc., 2024. p. 9-15.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Verifying the robustness of machine learning based intrusion detection against adversarial perturbation

AU - Nowroozi, Ehsan

AU - Taheri, Rahim

AU - Hajizadeh, Mehrdad

AU - Bauschert, Thomas

N1 - No ISSN

PY - 2024/9/24

Y1 - 2024/9/24

N2 - Neural networks (NNs) have been extensively adapted to various security tasks, such as spam detection, phishing, and intrusion detection. Particularly in IDS, NNs face significant vulnerabilities to adversarial attacks, where the adversary attempts to exploit the fragilities within machine-learning (ML) models. This study introduces a novel approach using interval-bound propagation (IBP) to formally verify and enhance the resilience of both shallow and deep NNs. We also investigated the effectiveness of various activation functions using benchmark IDS datasets. Our findings show that ReLu and Leaky-ReLu functions enhance resistance in shallow networks, whereas Tanh functions perform better in deep networks. We provide certified accuracies for models subjected to various input perturbations ranging from 0.0001 to 0.9, marking a significant advancement in verifying the security of NNs.

AB - Neural networks (NNs) have been extensively adapted to various security tasks, such as spam detection, phishing, and intrusion detection. Particularly in IDS, NNs face significant vulnerabilities to adversarial attacks, where the adversary attempts to exploit the fragilities within machine-learning (ML) models. This study introduces a novel approach using interval-bound propagation (IBP) to formally verify and enhance the resilience of both shallow and deep NNs. We also investigated the effectiveness of various activation functions using benchmark IDS datasets. Our findings show that ReLu and Leaky-ReLu functions enhance resistance in shallow networks, whereas Tanh functions perform better in deep networks. We provide certified accuracies for models subjected to various input perturbations ranging from 0.0001 to 0.9, marking a significant advancement in verifying the security of NNs.

KW - Cybersecurity

KW - Neural Network Security

KW - Adversarial Robustness

KW - Intrusion Detection System

KW - Formal Verification

KW - Robustness

KW - Deep Learning

U2 - 10.1109/CSR61664.2024.10679401

DO - 10.1109/CSR61664.2024.10679401

M3 - Conference contribution

SN - 9798350375374

SP - 9

EP - 15

BT - 2024 IEEE International Conference on Cyber Security and Resilience (CSR)

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2024 IEEE International Conference on Cyber Security and Resilience

Y2 - 2 September 2024 through 4 September 2024

ER -

Verifying the robustness of machine learning based intrusion detection against adversarial perturbation

Abstract

Conference

Keywords

Access to Document

Fingerprint

Cite this