On the Robustness of ML-Based Network Intrusion Detection Systems: An Adversarial and Distribution Shift Perspective
-
Published:2023-10-17
Issue:10
Volume:12
Page:209
-
ISSN:2073-431X
-
Container-title:Computers
-
language:en
-
Short-container-title:Computers
Author:
Wang Minxiao1ORCID, Yang Ning2ORCID, Gunasinghe Dulaj H.1ORCID, Weng Ning1ORCID
Affiliation:
1. The Computer Engineering Program in the School of Electrical, Computer, and Biomedical Engineering, Southern Illinois University, Carbondale, IL 62901, USA 2. The Information Technology Program in the School of Computing, Southern Illinois University, Carbondale, IL 62901, USA
Abstract
Utilizing machine learning (ML)-based approaches for network intrusion detection systems (NIDSs) raises valid concerns due to the inherent susceptibility of current ML models to various threats. Of particular concern are two significant threats associated with ML: adversarial attacks and distribution shifts. Although there has been a growing emphasis on researching the robustness of ML, current studies primarily concentrate on addressing specific challenges individually. These studies tend to target a particular aspect of robustness and propose innovative techniques to enhance that specific aspect. However, as a capability to respond to unexpected situations, the robustness of ML should be comprehensively built and maintained in every stage. In this paper, we aim to link the varying efforts throughout the whole ML workflow to guide the design of ML-based NIDSs with systematic robustness. Toward this goal, we conduct a methodical evaluation of the progress made thus far in enhancing the robustness of the targeted NIDS application task. Specifically, we delve into the robustness aspects of ML-based NIDSs against adversarial attacks and distribution shift scenarios. For each perspective, we organize the literature in robustness-related challenges and technical solutions based on the ML workflow. For instance, we introduce some advanced potential solutions that can improve robustness, such as data augmentation, contrastive learning, and robustness certification. According to our survey, we identify and discuss the ML robustness research gaps and future direction in the field of NIDS. Finally, we highlight that building and patching robustness throughout the life cycle of an ML-based NIDS is critical.
Funder
Dr. Yang’s startup funding and NSF award
Subject
Computer Networks and Communications,Human-Computer Interaction
Reference93 articles.
1. Krizhevsky, A., Sutskever, I., and Hinton, G.E. (2012, January 3–6). Imagenet Classification with Deep Convolutional Neural Networks. Proceedings of the 26th Annual Conference on Neural Information Processing Systems 2012, Lake Tahoe, NA, USA. 2. Hannun, A., Case, C., Casper, J., Catanzaro, B., Diamos, G., Elsen, E., Prenger, R., Satheesh, S., Sengupta, S., and Coates, A. (2014). Deep speech: Scaling up end-to-end speech recognition. arXiv. 3. Building auto-encoder intrusion detection system based on random forest feature selection;Li;Comput. Secur.,2020 4. Mirsky, Y., Doitshman, T., Elovici, Y., and Shabtai, A. (2018, January 18–21). Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection. Proceedings of the 25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, CA, USA. 5. Tocchetti, A., Corti, L., Balayn, A., Yurrita, M., Lippmann, P., Brambilla, M., and Yang, J. (2023, August 18). AI Robustness: A Human-Centered Perspective on Technological Challenges and Opportunities, Available online: http://xxx.lanl.gov/abs/2210.08906.
Cited by
4 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
|
|