TY - JOUR
T1 - Launching Adversarial Attacks against Network Intrusion Detection Systems for IoT
AU - Papadopoulos, Pavlos
AU - Thornewill von Essen, Oliver
AU - Pitropakis, Nikolaos
AU - Chrysoulas, Christos
AU - Mylonas, Alexios
AU - Buchanan, William J.
N1 - © 2021 by the authors. Licensee MDPI, Basel, Switzerland. This is an open access article distributed under the terms of the Creative Commons Attribution License (CC BY), https://creativecommons.org/licenses/by/4.0/
PY - 2021/6
Y1 - 2021/6
N2 - As the internet continues to be populated with new devices and emerging technologies, the attack surface grows exponentially. Technology is shifting towards a profit-driven Internet of Things market where security is an afterthought. Traditional defending approaches are no longer sufficient to detect both known and unknown attacks to high accuracy. Machine learning intrusion detection systems have proven their success in identifying unknown attacks with high precision. Nevertheless, machine learning models are also vulnerable to attacks. Adversarial examples can be used to evaluate the robustness of a designed model before it is deployed. Further, using adversarial examples is critical to creating a robust model designed for an adversarial environment. Our work evaluates both traditional machine learning and deep learning models' robustness using the Bot-IoT dataset. Our methodology included two main approaches. First, label poisoning, used to cause incorrect classification by the model. Second, the fast gradient sign method, used to evade detection measures. The experiments demonstrated that an attacker could manipulate or circumvent detection with significant probability.
AB - As the internet continues to be populated with new devices and emerging technologies, the attack surface grows exponentially. Technology is shifting towards a profit-driven Internet of Things market where security is an afterthought. Traditional defending approaches are no longer sufficient to detect both known and unknown attacks to high accuracy. Machine learning intrusion detection systems have proven their success in identifying unknown attacks with high precision. Nevertheless, machine learning models are also vulnerable to attacks. Adversarial examples can be used to evaluate the robustness of a designed model before it is deployed. Further, using adversarial examples is critical to creating a robust model designed for an adversarial environment. Our work evaluates both traditional machine learning and deep learning models' robustness using the Bot-IoT dataset. Our methodology included two main approaches. First, label poisoning, used to cause incorrect classification by the model. Second, the fast gradient sign method, used to evade detection measures. The experiments demonstrated that an attacker could manipulate or circumvent detection with significant probability.
KW - adversarial
KW - Internet of Things
KW - machine learning
KW - network IDS
UR - http://www.scopus.com/inward/record.url?scp=85109528727&partnerID=8YFLogxK
U2 - 10.3390/jcp1020014
DO - 10.3390/jcp1020014
M3 - Article
VL - 1
SP - 252
EP - 273
JO - Journal of Cybersecurity and Privacy
JF - Journal of Cybersecurity and Privacy
IS - 2
M1 - 1020014
ER -