Mohammad Al-Fawa’reh, Jumana Abu-khalaf, Naeem Janjua, Patryk Szewczyk
{"title":"开启和关闭歧管:IIoT网络中对抗性攻击的生成和检测","authors":"Mohammad Al-Fawa’reh, Jumana Abu-khalaf, Naeem Janjua, Patryk Szewczyk","doi":"10.1016/j.jnca.2024.104102","DOIUrl":null,"url":null,"abstract":"Network Intrusion Detection Systems (NIDS), which play a crucial role in defending Industrial Internet of Things (IIoT) networks, often utilize Deep Neural Networks (DNN) for their pattern recognition capabilities. However, these systems remain susceptible to sophisticated adversarial attacks, particularly on-manifold and off-manifold attacks, which skillfully evade detection. This paper addresses the limitations in existing research, focusing primarily on: the predominant focus on off-manifold attacks, while often overlooking subtler yet potent on-manifold attacks; a lack of consideration for the functional behavior of these attacks; reliance on detailed knowledge of the target NIDS for creating attacks; and the need for detailed knowledge about the creation process of adversarial attacks for effective detection. This paper introduces the Saliency Adversarial Autoencoder (SAAE), designed for generating on-manifold attacks through latent space perturbations. This dual-space perturbation approach enables SAAE to efficiently create stealthy attacks that blend with normal network behavior, posing significant challenges to state-of-the-art (SOTA) NIDS. To counter these advanced threats, we propose an attack-agnostic defence mechanism utilizing a fusion-based Autoencoder (AE) with disentangled representations. This defence is adept at detecting threats within the manifold, significantly enhancing NIDS robustness. Comparative assessments with SOTA DNN and Deep Reinforcement Learning (DRL) models highlight the effectiveness of our approach. The SAAE model markedly reduces True Positive Rates (TPR) in these systems. For DNNs, TPR dropped from 99.72% to 41.5%, and for DRLs, from 95.6% to 63.94%. Conversely, our defence model shows high TPR in detecting these attacks, registering 94% for DNNs and 92% for DRLs. Additionally, we release our dataset, named OOM-X-IIoTID<ce:cross-ref ref><ce:sup loc=\"post\">1</ce:sup></ce:cross-ref><ce:footnote><ce:label>1</ce:label><ce:note-para view=\"all\">The datasets can be found at the following link: <ce:inter-ref xlink:href=\"https://github.com/mohdah200/OOM-X-IIoTID\" xlink:type=\"simple\">https://github.com/mohdah200/OOM-X-IIoTID</ce:inter-ref>.</ce:note-para></ce:footnote>, which includes On/Off manifold adversarial attacks, a first in the field, to facilitate further research and development in cybersecurity.","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"336 1","pages":""},"PeriodicalIF":7.7000,"publicationDate":"2024-12-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"On and off the manifold: Generation and Detection of adversarial attacks in IIoT networks\",\"authors\":\"Mohammad Al-Fawa’reh, Jumana Abu-khalaf, Naeem Janjua, Patryk Szewczyk\",\"doi\":\"10.1016/j.jnca.2024.104102\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Network Intrusion Detection Systems (NIDS), which play a crucial role in defending Industrial Internet of Things (IIoT) networks, often utilize Deep Neural Networks (DNN) for their pattern recognition capabilities. However, these systems remain susceptible to sophisticated adversarial attacks, particularly on-manifold and off-manifold attacks, which skillfully evade detection. This paper addresses the limitations in existing research, focusing primarily on: the predominant focus on off-manifold attacks, while often overlooking subtler yet potent on-manifold attacks; a lack of consideration for the functional behavior of these attacks; reliance on detailed knowledge of the target NIDS for creating attacks; and the need for detailed knowledge about the creation process of adversarial attacks for effective detection. This paper introduces the Saliency Adversarial Autoencoder (SAAE), designed for generating on-manifold attacks through latent space perturbations. This dual-space perturbation approach enables SAAE to efficiently create stealthy attacks that blend with normal network behavior, posing significant challenges to state-of-the-art (SOTA) NIDS. To counter these advanced threats, we propose an attack-agnostic defence mechanism utilizing a fusion-based Autoencoder (AE) with disentangled representations. This defence is adept at detecting threats within the manifold, significantly enhancing NIDS robustness. Comparative assessments with SOTA DNN and Deep Reinforcement Learning (DRL) models highlight the effectiveness of our approach. The SAAE model markedly reduces True Positive Rates (TPR) in these systems. For DNNs, TPR dropped from 99.72% to 41.5%, and for DRLs, from 95.6% to 63.94%. Conversely, our defence model shows high TPR in detecting these attacks, registering 94% for DNNs and 92% for DRLs. Additionally, we release our dataset, named OOM-X-IIoTID<ce:cross-ref ref><ce:sup loc=\\\"post\\\">1</ce:sup></ce:cross-ref><ce:footnote><ce:label>1</ce:label><ce:note-para view=\\\"all\\\">The datasets can be found at the following link: <ce:inter-ref xlink:href=\\\"https://github.com/mohdah200/OOM-X-IIoTID\\\" xlink:type=\\\"simple\\\">https://github.com/mohdah200/OOM-X-IIoTID</ce:inter-ref>.</ce:note-para></ce:footnote>, which includes On/Off manifold adversarial attacks, a first in the field, to facilitate further research and development in cybersecurity.\",\"PeriodicalId\":54784,\"journal\":{\"name\":\"Journal of Network and Computer Applications\",\"volume\":\"336 1\",\"pages\":\"\"},\"PeriodicalIF\":7.7000,\"publicationDate\":\"2024-12-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Network and Computer Applications\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1016/j.jnca.2024.104102\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Network and Computer Applications","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1016/j.jnca.2024.104102","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
引用次数: 0
摘要
网络入侵检测系统(NIDS)在防御工业物联网(IIoT)网络中起着至关重要的作用,通常利用深度神经网络(DNN)来实现其模式识别功能。然而,这些系统仍然容易受到复杂的对抗性攻击,特别是流形和流形攻击,这些攻击巧妙地逃避了检测。本文解决了现有研究的局限性,主要集中在:主要关注非流形攻击,而往往忽略了微妙但强大的非流形攻击;缺乏对这些攻击的功能性行为的考虑;依赖对目标NIDS的详细了解来创建攻击;并且需要详细了解对抗性攻击的产生过程,以便进行有效的检测。本文介绍了显著性对抗自编码器(SAAE),该编码器设计用于通过潜在空间扰动产生流形攻击。这种双空间摄动方法使SAAE能够有效地创建与正常网络行为混合的隐形攻击,对最先进的(SOTA) NIDS构成重大挑战。为了应对这些高级威胁,我们提出了一种攻击不可知的防御机制,利用基于融合的自动编码器(AE)与解纠缠表示。这种防御擅长于检测歧管中的威胁,显著提高了NIDS的鲁棒性。与SOTA DNN和深度强化学习(DRL)模型的比较评估突出了我们方法的有效性。SAAE模型显著降低了这些系统的真阳性率(TPR)。dnn的TPR从99.72%下降到41.5%,drl的TPR从95.6%下降到63.94%。相反,我们的防御模型在检测这些攻击时显示出很高的TPR, dnn的TPR为94%,drl为92%。此外,我们发布了名为om - x - iiotid11的数据集,数据集可以在以下链接中找到:https://github.com/mohdah200/OOM-X-IIoTID.,其中包括开/关歧管对抗性攻击,这是该领域的第一个,以促进网络安全的进一步研究和开发。
On and off the manifold: Generation and Detection of adversarial attacks in IIoT networks
Network Intrusion Detection Systems (NIDS), which play a crucial role in defending Industrial Internet of Things (IIoT) networks, often utilize Deep Neural Networks (DNN) for their pattern recognition capabilities. However, these systems remain susceptible to sophisticated adversarial attacks, particularly on-manifold and off-manifold attacks, which skillfully evade detection. This paper addresses the limitations in existing research, focusing primarily on: the predominant focus on off-manifold attacks, while often overlooking subtler yet potent on-manifold attacks; a lack of consideration for the functional behavior of these attacks; reliance on detailed knowledge of the target NIDS for creating attacks; and the need for detailed knowledge about the creation process of adversarial attacks for effective detection. This paper introduces the Saliency Adversarial Autoencoder (SAAE), designed for generating on-manifold attacks through latent space perturbations. This dual-space perturbation approach enables SAAE to efficiently create stealthy attacks that blend with normal network behavior, posing significant challenges to state-of-the-art (SOTA) NIDS. To counter these advanced threats, we propose an attack-agnostic defence mechanism utilizing a fusion-based Autoencoder (AE) with disentangled representations. This defence is adept at detecting threats within the manifold, significantly enhancing NIDS robustness. Comparative assessments with SOTA DNN and Deep Reinforcement Learning (DRL) models highlight the effectiveness of our approach. The SAAE model markedly reduces True Positive Rates (TPR) in these systems. For DNNs, TPR dropped from 99.72% to 41.5%, and for DRLs, from 95.6% to 63.94%. Conversely, our defence model shows high TPR in detecting these attacks, registering 94% for DNNs and 92% for DRLs. Additionally, we release our dataset, named OOM-X-IIoTID11The datasets can be found at the following link: https://github.com/mohdah200/OOM-X-IIoTID., which includes On/Off manifold adversarial attacks, a first in the field, to facilitate further research and development in cybersecurity.
期刊介绍:
The Journal of Network and Computer Applications welcomes research contributions, surveys, and notes in all areas relating to computer networks and applications thereof. Sample topics include new design techniques, interesting or novel applications, components or standards; computer networks with tools such as WWW; emerging standards for internet protocols; Wireless networks; Mobile Computing; emerging computing models such as cloud computing, grid computing; applications of networked systems for remote collaboration and telemedicine, etc. The journal is abstracted and indexed in Scopus, Engineering Index, Web of Science, Science Citation Index Expanded and INSPEC.