VulnerGAN: a backdoor attack through vulnerability amplification against machine learning-based network intrusion detection systems

Liu, G; Zhang, W; Li, X; Fan, K; Yu, S

VulnerGAN: a backdoor attack through vulnerability amplification against machine learning-based network intrusion detection systems

Liu, G Zhang, W Li, X Fan, K Yu, S

Permalink

Publisher:: SCIENCE PRESS
Publication Type:: Journal Article
Citation:: Science China Information Sciences, 2022, 65, (7)
Issue Date:: 2022-07-01

Closed Access

	Filename	Description	Size
	s11432-021-3455-1.pdf	Published version	1.35 MB	Adobe PDF	View/Open

Copyright Clearance Process

Recently Added
In Progress
Closed Access

This item is closed access and not available.

Full metadata record

Field	Value	Language
dc.contributor.author	Liu, G
dc.contributor.author	Zhang, W
dc.contributor.author	Li, X
dc.contributor.author	Fan, K
dc.contributor.author	Yu, S https://orcid.org/0000-0003-4485-6743
dc.date.accessioned	2023-01-19T02:13:57Z
dc.date.available	2023-01-19T02:13:57Z
dc.date.issued	2022-07-01
dc.identifier.citation	Science China Information Sciences, 2022, 65, (7)
dc.identifier.issn	1674-733X
dc.identifier.issn	1869-1919
dc.identifier.uri	http://hdl.handle.net/10453/165177
dc.description.abstract	Machine learning-based network intrusion detection systems (ML-NIDS) are extensively used for network security against unknown attacks. Existing intrusion detection systems can effectively defend traditional network attacks, however, they face AI based threats. The current known AI attacks cannot balance the escape rate and attack effectiveness. In addition, the time cost of existing AI attacks is very high. In this paper, we propose a backdoor attack called VulnerGAN, which features high concealment, high aggressiveness, and high timeliness. The backdoor can make the specific attack traffic bypass the detection of ML-NIDS without affecting the performance of ML-NIDS in identifying other attack traffic. VulnerGAN uses generative adversarial networks (GAN) to calculate poisoning and adversarial samples based on machine learning model vulnerabilities. It can make traditional network attack traffic escape black-box online ML-NIDS. At the same time, model extraction and fuzzing test are used to enhance the convergence of VulnerGAN. Compared with the state-of-the-art algorithms, the VulnerGAN backdoor attack increases 33.28% in concealment, 18.48% in aggressiveness, and 46.32% in timeliness.
dc.language	English
dc.publisher	SCIENCE PRESS
dc.relation.ispartof	Science China Information Sciences
dc.relation.isbasedon	10.1007/s11432-021-3455-1
dc.rights	info:eu-repo/semantics/closedAccess
dc.subject	0804 Data Format, 0806 Information Systems, 0899 Other Information and Computing Sciences
dc.subject.classification	Software Engineering
dc.title	VulnerGAN: a backdoor attack through vulnerability amplification against machine learning-based network intrusion detection systems
dc.type	Journal Article
utslib.citation.volume	65
utslib.for	0804 Data Format
utslib.for	0806 Information Systems
utslib.for	0899 Other Information and Computing Sciences
pubs.organisational-group	/University of Technology Sydney
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology/School of Computer Science
utslib.copyright.status	closed_access	*
dc.date.updated	2023-01-19T02:13:56Z
pubs.issue	7
pubs.publication-status	Published
pubs.volume	65
utslib.citation.issue	7

Abstract:

Machine learning-based network intrusion detection systems (ML-NIDS) are extensively used for network security against unknown attacks. Existing intrusion detection systems can effectively defend traditional network attacks, however, they face AI based threats. The current known AI attacks cannot balance the escape rate and attack effectiveness. In addition, the time cost of existing AI attacks is very high. In this paper, we propose a backdoor attack called VulnerGAN, which features high concealment, high aggressiveness, and high timeliness. The backdoor can make the specific attack traffic bypass the detection of ML-NIDS without affecting the performance of ML-NIDS in identifying other attack traffic. VulnerGAN uses generative adversarial networks (GAN) to calculate poisoning and adversarial samples based on machine learning model vulnerabilities. It can make traditional network attack traffic escape black-box online ML-NIDS. At the same time, model extraction and fuzzing test are used to enhance the convergence of VulnerGAN. Compared with the state-of-the-art algorithms, the VulnerGAN backdoor attack increases 33.28% in concealment, 18.48% in aggressiveness, and 46.32% in timeliness.

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/165177