ELAT: Ensemble Learning with Adversarial Training in defending against evaded intrusions

Ying Dar Lin, Jehoshua Hanky Pratama, Didik Sudyana, Yuan Cheng Lai, Ren Hung Hwang, Po Ching Lin*, Hsuan Yu Lin, Wei Bin Lee, Chen Kuo Chiang

*此作品的通信作者

研究成果: Article同行評審

1 引文 斯高帕斯(Scopus)

摘要

Network intrusion detection systems (NIDSs) now adopt machine learning (ML) for detection of wide attack variants. However, ML is also known vulnerable to adversarial attacks, which can degrade the accuracy of ML. A number of defense strategies have been proposed but mostly in image classification areas. In this work, we propose Ensemble Learning with Adversarial Training (ELAT) to combine adversarial training and ensemble learning into a solution. We compare four approaches: single, ensemble, adversarial and ELAT. In the experiments, several models were developed and tested using different approaches to know which method is robust against adversarial attacks for ML-based NIDSs. The average F1 score for the single models was 0.93 within a wide range (0.82-0.99), but dropped to 0.29 when facing adversarial attacks, particularly dropped to 0.07 caused by the strongest attack, Projected Gradient Descent (PGD). With ensemble, adversarial and ELAT, the average scores were recovered to 0.80, 0.88 and 0.91, respectively. In addition, this work involves prediction of the models and approach implemented behind the system using cosine similarity with an accuracy of 99.9%.

原文English
文章編號103348
期刊Journal of Information Security and Applications
71
DOIs
出版狀態Published - 12月 2022

指紋

深入研究「ELAT: Ensemble Learning with Adversarial Training in defending against evaded intrusions」主題。共同形成了獨特的指紋。

引用此