loading page

A Framework for Generating Evasion Attacks for Machine Learning based Network Intrusion Detection Systems
  • Raymond Mogg ,
  • Simon Yusuf Enoch ,
  • Dong Seong Kim
Raymond Mogg
Author Profile
Simon Yusuf Enoch
Federal University Kashere

Corresponding Author:[email protected]

Author Profile
Dong Seong Kim
Author Profile

Abstract

Intrusion Detection System (IDS) plays a vital role in detecting anomalies and cyber-attacks in networked systems. However, sophisticated attackers can manipulate the IDS’ attacks samples to evade possible detection. In this paper, we present a network-based IDS and investigate the viability of generating interpretable evasion attacks against the IDS through the application of a machine learning technique and an evolutionary algorithm. We employ a genetic algorithm to generate optimal attack features for certain attack categories, which are evaluated against a decision tree-based IDS in terms of their fitness measurements. To demonstrate the feasibility of our approach, we perform experiments based on the NSL-KDD dataset and analyze the algorithm performance.