Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
129 tokens/sec
GPT-4o
28 tokens/sec
Gemini 2.5 Pro Pro
42 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Problem space structural adversarial attacks for Network Intrusion Detection Systems based on Graph Neural Networks (2403.11830v2)

Published 18 Mar 2024 in cs.CR and cs.AI

Abstract: Machine Learning (ML) algorithms have become increasingly popular for supporting Network Intrusion Detection Systems (NIDS). Nevertheless, extensive research has shown their vulnerability to adversarial attacks, which involve subtle perturbations to the inputs of the models aimed at compromising their performance. Recent proposals have effectively leveraged Graph Neural Networks (GNN) to produce predictions based also on the structural patterns exhibited by intrusions to enhance the detection robustness. However, the adoption of GNN-based NIDS introduces new types of risks. In this paper, we propose the first formalization of adversarial attacks specifically tailored for GNN in network intrusion detection. Moreover, we outline and model the problem space constraints that attackers need to consider to carry out feasible structural attacks in real-world scenarios. As a final contribution, we conduct an extensive experimental campaign in which we launch the proposed attacks against state-of-the-art GNN-based NIDS. Our findings demonstrate the increased robustness of the models against classical feature-based adversarial attacks, while highlighting their susceptibility to structure-based attacks.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (45)
  1. Ton_iot telemetry dataset: A new generation dataset of iot and iiot for data-driven intrusion detection systems. IEEE Access, 8:165130–165150, 2020.
  2. Modeling realistic adversarial attacks against network intrusion detection systems. Digital Threats: Research and Practice (DTRAP), 3(3):1–19, 2022.
  3. Deep reinforcement adversarial learning against botnet evasion attacks. IEEE Transactions on Network and Service Management, 17(4):1975–1987, 2020.
  4. G. Apruzzese and M. Colajanni. Evading botnet detectors based on flows and random forest with adversarial samples. In 2018 IEEE 17th International Symposium on Network Computing and Applications (NCA), pages 1–8. IEEE, 2018.
  5. On the effectiveness of machine and deep learning for cyber security. In 2018 10th international conference on cyber Conflict (CyCon), pages 371–390. IEEE, 2018.
  6. The role of machine learning in cybersecurity. Digital Threats: Research and Practice, 4(1):1–38, 2023.
  7. Security evaluation of support vector machines in adversarial environments. Support Vector Machines Applications, pages 105–153, 2014.
  8. B. Biggio and F. Roli. Wild patterns: Ten years after the rise of adversarial machine learning. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pages 2154–2156, 2018.
  9. Graph neural networks for intrusion detection: A survey. IEEE Access, 2023.
  10. C. Bullard. Audit record generation and utilization system (argus).
  11. Adversarial training of gradient-boosted decision trees. In Proceedings of the 28th ACM international conference on information and knowledge management, pages 2429–2432, 2019.
  12. A restricted black-box adversarial framework towards attacking graph embedding models. In Proceedings of the AAAI Conference on Artificial Intelligence, volume 34, pages 3389–3396, 2020.
  13. L. Chang and P. Branco. Graph-based solutions with residuals for intrusion detection: the modified e-graphsage and e-resgat algorithms. arXiv preprint arXiv:2111.13597, 2021.
  14. A. Chernikova and A. Oprea. Fence: Feasible evasion attacks on neural networks in constrained environments. ACM Transactions on Privacy and Security, 25(4):1–34, 2022.
  15. Cisco. Ios netflow. Technical report, 2021.
  16. M. J. De Lucia and C. Cotton. Adversarial machine learning for cyber security. Journal of Information Systems Applied Research, 12(1):26, 2019.
  17. M. Fey and J. E. Lenssen. Fast graph representation learning with PyTorch Geometric. In ICLR Workshop on Representation Learning on Graphs and Manifolds, 2019.
  18. S. Gamage and J. Samarabandu. Deep learning methods in network intrusion detection: A survey and an objective comparison. Journal of Network and Computer Applications, 169:102767, 2020.
  19. An empirical comparison of botnet detection methods. computers & security, 45:100–123, 2014.
  20. Inductive representation learning on large graphs. Advances in neural information processing systems, 30, 2017.
  21. Towards early and accurate network intrusion detection using graph embedding. IEEE Transactions on Information Forensics and Security, 2023.
  22. Jbeil: Temporal graph-based inductive learning to infer lateral movement in evolving enterprise networks. In 2024 IEEE Symposium on Security and Privacy (SP), pages 9–9. IEEE Computer Society, 2023.
  23. T. N. Kipf and M. Welling. Semi-supervised classification with graph convolutional networks. In International Conference on Learning Representations, 2016.
  24. Black-box adversarial example attack towards fcg based android malware detection under incomplete feature information.
  25. E-graphsage: A graph neural network based intrusion detection system for iot. In NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium, pages 1–9. IEEE, 2022.
  26. Launching adversarial attacks against network intrusion detection systems for iot. Journal of Cybersecurity and Privacy, 1(2):252–273, 2021.
  27. Practical black-box attacks against machine learning. In Proceedings of the 2017 ACM on Asia conference on computer and communications security, pages 506–519, 2017.
  28. Intriguing properties of adversarial ml attacks in the problem space. In 2020 IEEE symposium on security and privacy (SP), pages 1332–1349. IEEE, 2020.
  29. Unveiling the potential of graph neural networks for robust intrusion detection. ACM SIGMETRICS Performance Evaluation Review, 49(4):111–117, 2022.
  30. Adversarial machine learning attacks and defense methods in the cyber security domain. ACM Computing Surveys (CSUR), 54(5):1–36, 2021.
  31. Adversarial network traffic: Towards evaluating the robustness of deep-learning-based network traffic classification. IEEE Transactions on Network and Service Management, 18(2):1962–1976, 2021.
  32. Adversarial attack and defense on graph data: A survey. IEEE Transactions on Knowledge and Data Engineering, 2022.
  33. T. Takahashi. Indirect adversarial attacks via poisoning neighbors for graph convolutional networks. In 2019 IEEE International Conference on Big Data (Big Data), pages 1395–1400. IEEE, 2019.
  34. Black-box adversarial machine learning attack on network traffic classification. In 2019 15th International Wireless Communications & Mobile Computing Conference (IWCMC), pages 84–89. IEEE, 2019.
  35. Drelab-deep reinforcement learning adversarial botnet: A benchmark dataset for adversarial attacks against botnet intrusion detection systems. Data in Brief, 34:106631, 2021.
  36. Arganids: a novel network intrusion detection system based on adversarially regularized graph autoencoder. In Proceedings of the 38th ACM/SIGAPP Symposium on Applied Computing, pages 1540–1548, 2023.
  37. Practical evaluation of graph neural networks in network intrusion detection. In 2023 Italian Conference on Cyber Security, ITASEC 2023, volume 3488. CEUR-WS, 2023.
  38. waimorris. E-graphsage repository.
  39. Deep graph library: A graph-centric, highly-performant package for graph neural networks. arXiv preprint arXiv:1909.01315, 2019.
  40. Threatrace: Detecting and tracing host-based threats in node level through provenance graph learning. IEEE Transactions on Information Forensics and Security, 17:3972–3987, 2022.
  41. Evading machine learning botnet detection models via deep reinforcement learning. In ICC 2019-2019 IEEE International Conference on Communications (ICC), pages 1–6. IEEE, 2019.
  42. Semantics-preserving reinforcement learning attack against graph neural networks for malware detection. IEEE Transactions on Dependable and Secure Computing, 20(2):1390–1402, 2022.
  43. Structural attack against graph based android malware detection. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, pages 3218–3235, 2021.
  44. Hierarchical adversarial attacks against graph-neural-network-based iot network intrusion detection system. IEEE Internet of Things Journal, 9(12):9310–9319, 2021.
  45. Adversarial attacks on neural networks for graph data. In Proceedings of the 24th ACM SIGKDD international conference on knowledge discovery & data mining, pages 2847–2856, 2018.
Citations (1)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now
X Twitter Logo Streamline Icon: https://streamlinehq.com

Tweets