Defending against adversarial machine learning attacks using hierarchical learning: A case study on network traffic attack classification

Journal of Information Security and Applications - Volume 72 - Page 103398 - 2023
Andrew McCarthy¹, Essam Ghadafi¹, Panagiotis Andriotis¹, Phil Legg¹
¹ Computer Science Research Centre, University of the West of England, Bristol, UK
