Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Targeted Adversarial Traffic Generation : Black-box Approach to Evade Intrusion Detection Systems in IoT Networks

Islam Debicha, Tayeb Kenaza, Ishak Charfi, Salah Mosbah, Mehdi Sehaki, Jean-Michel Dricot

Abstract

The integration of machine learning (ML) algorithms into Internet of Things (IoT) applications has introduced significant advantages alongside vulnerabilities to adversarial attacks, especially within IoT-based intrusion detection systems (IDS). While theoretical adversarial attacks have been extensively studied, practical implementation constraints have often been overlooked. This research addresses this gap by evaluating the feasibility of evasion attacks on IoT network-based IDSs, employing a novel black-box adversarial attack. Our study aims to bridge theoretical vulnerabilities with real-world applicability, enhancing understanding and defense against sophisticated threats in modern IoT ecosystems. Additionally, we propose a defense scheme tailored to mitigate the impact of evasion attacks, thereby reinforcing the resilience of ML-based IDSs. Our findings demonstrate successful evasion attacks against IDSs, underscoring their susceptibility to advanced techniques. In contrast, we proposed a defense mechanism that exhibits robust performance by effectively detecting the majority of adversarial traffic, showcasing promising outcomes compared to current state-of-the-art defenses. By addressing these critical cybersecurity challenges, our research contributes to advancing IoT security and provides insights for developing more resilient IDS.

Targeted Adversarial Traffic Generation : Black-box Approach to Evade Intrusion Detection Systems in IoT Networks

Abstract

The integration of machine learning (ML) algorithms into Internet of Things (IoT) applications has introduced significant advantages alongside vulnerabilities to adversarial attacks, especially within IoT-based intrusion detection systems (IDS). While theoretical adversarial attacks have been extensively studied, practical implementation constraints have often been overlooked. This research addresses this gap by evaluating the feasibility of evasion attacks on IoT network-based IDSs, employing a novel black-box adversarial attack. Our study aims to bridge theoretical vulnerabilities with real-world applicability, enhancing understanding and defense against sophisticated threats in modern IoT ecosystems. Additionally, we propose a defense scheme tailored to mitigate the impact of evasion attacks, thereby reinforcing the resilience of ML-based IDSs. Our findings demonstrate successful evasion attacks against IDSs, underscoring their susceptibility to advanced techniques. In contrast, we proposed a defense mechanism that exhibits robust performance by effectively detecting the majority of adversarial traffic, showcasing promising outcomes compared to current state-of-the-art defenses. By addressing these critical cybersecurity challenges, our research contributes to advancing IoT security and provides insights for developing more resilient IDS.
Paper Structure (33 sections, 9 equations, 18 figures, 8 tables, 1 algorithm)

This paper contains 33 sections, 9 equations, 18 figures, 8 tables, 1 algorithm.

Table of Contents

  1. Introduction
  2. Background & Related works
  3. Internet Of Things
  4. Intrusion Detection System
  5. Adversarial Attacks
  6. Related Works
  7. Black-box Evasion Attack
  8. Threat Model
  9. Network Traffic Manipulation
  10. Adversarial Instances Generation
  11. How D2TC Minimizes Feature Perturbations
  12. Strengthening adversarial robustness
  13. Data partitioning
  14. Defense Process
  15. Defense architecture
  16. ...and 18 more sections

Figures (18)

  • Figure 1: Schematic illustration of the threat scenario, showing how the attacker replicates a substitute IoT environment, builds a substitution model, and leverages transferability to craft adversarial examples that evade the defender’s IoT-based NIDS.
  • Figure 2: Conceptual illustration of the D2TC approach, where malicious instances are iteratively shifted toward the benign mean and projected into valid ranges. Once inside the benign region, the instance is misclassified as benign, forming an adversarial example
  • Figure 3: Adversarial instance generation process. The attacker’s IoT dataset is split to build a substitution model that approximates the defender’s IDS. Iterative perturbations (and mask switching) are then applied to malicious flows until successful evasion is achieved, producing adversarial traffic ready to bypass the target system.
  • Figure 4: Workflow for creating the defense dataset. The original dataset is split into benign and malicious flows, with malicious instances undergoing adversarial instance generation (D2TC) to produce adversarial samples. These adversarial and clean subsets are then combined to form a comprehensive defense dataset.
  • Figure 5: Partitioning of the defense dataset into training/evaluation (derived from the defender’s data) and testing (sourced from the attacker’s data)
  • ...and 13 more figures