TechRxiv
WISA 2021.pdf (693.03 kB)

A Framework for Generating Evasion Attacks for Machine Learning based Network Intrusion Detection Systems

Download (693.03 kB)
preprint
posted on 19.08.2021, 13:23 by Raymond Mogg, Simon Yusuf EnochSimon Yusuf Enoch, Dong Seong Kim

Intrusion Detection System (IDS) plays a vital role in detecting anomalies and cyber-attacks in networked systems. However, sophisticated attackers can manipulate the IDS’ attacks samples to evade possible detection. In this paper, we present a network-based IDS and investigate the viability of generating interpretable evasion attacks against the IDS through the application of a machine learning technique and an evolutionary algorithm. We employ a genetic algorithm to generate optimal attack features for certain attack categories, which are evaluated against a decision tree-based IDS in terms of their fitness measurements. To demonstrate the feasibility of our approach, we perform experiments based on the NSL-KDD dataset and analyze the algorithm performance.

History

Email Address of Submitting Author

sey19@uclive.ac.nz

ORCID of Submitting Author

0000-0002-0970-3621

Submitting Author's Institution

Federal University Kashere

Submitting Author's Country

Nigeria

Usage metrics

Licence

Exports