GPMT: Generating practical malicious traffic based on adversarial attacks with little prior knowledge

对抗制 计算机科学 稳健性(进化) 计算机安全 功能(生物学) 人工智能 逃避(道德) 机器学习 免疫系统 生物化学 进化生物学 生物 基因 化学 免疫学
作者
Peishuai Sun,Shuhao Li,Jiang Xie,Hongbo Xu,Zhenyu Cheng,Rong Yang
出处
期刊:Computers & Security [Elsevier BV]
卷期号:130: 103257-103257 被引量:4
标识
DOI:10.1016/j.cose.2023.103257
摘要

Machine learning (ML) is increasingly used for malicious traffic detection and proven to be effective. However, ML-based detections are at risk of being deceived by adversarial examples. It is critical to carry out adversarial attacks to evaluate the robustness of detections. Some research papers have studied adversarial attacks on ML-based detections, while most of them are in unreal scenarios. It mainly includes two aspects: (i) adversarial attacks gain extra prior knowledge about ML-based models, such as the datasets and features used by the model, which are unlikely to be available in reality; (ii) adversarial attacks generate unpractical examples, which are traffic features or traffic that doesn’t compliance with communication protocol rules. In this paper, we propose an adversarial attack framework GPMT, which generates practical adversarial malicious traffic to deceive the ML-based detection. Compared with previous work, our work mainly has the following advantages: (i) little prior knowledge: we limit the possessed prior knowledge to simulate black-box attacks for real situations; (ii) more adversarial and practical examples: we employ Wasserstein GAN (WGAN) to execute adversarial attacks and design a novel loss function, which generates practical adversarial examples that are more likely to deceive detections. We attack nine ML-based models in the CTU-13 dataset to demonstrate the framework’s validity. Experimental results show that GPMT is more effective and versatile than other methods. For nine models, mean evasion increase rate (EIR) can reach 65.53%, which is 16.48% higher than the best of related methods, DIGFuPAS. In addition, we test other datasets to verify the generality of the framework. The experiment shows that our attack is equally applicable.
最长约 10秒,即可获得该文献文件

科研通智能强力驱动
Strongly Powered by AbleSci AI
更新
PDF的下载单位、IP信息已删除 (2025-6-4)

科研通是完全免费的文献互助平台,具备全网最快的应助速度,最高的求助完成率。 对每一个文献求助,科研通都将尽心尽力,给求助人一个满意的交代。
实时播报
1秒前
畅快芝麻完成签到,获得积分10
1秒前
外向芹菜发布了新的文献求助10
2秒前
沧笙踏歌发布了新的文献求助200
2秒前
ElbingX发布了新的文献求助20
2秒前
端庄的松完成签到,获得积分10
3秒前
科研通AI5应助茂飞采纳,获得10
4秒前
4秒前
Eternal完成签到,获得积分10
5秒前
5秒前
5秒前
大模型应助CHB只争朝夕采纳,获得10
6秒前
slx发布了新的文献求助10
8秒前
脑洞疼应助Aurora.H采纳,获得10
9秒前
9秒前
星辰大海应助文艺的明杰采纳,获得10
9秒前
韩涵发布了新的文献求助10
9秒前
舒庆春发布了新的文献求助10
9秒前
小时候发布了新的文献求助10
9秒前
10秒前
英姑应助帕丁顿采纳,获得10
10秒前
11秒前
12秒前
lyc45491314发布了新的文献求助10
12秒前
量子星尘发布了新的文献求助10
13秒前
14秒前
Coral.完成签到,获得积分10
14秒前
Kikua完成签到,获得积分10
15秒前
核桃应助haidan采纳,获得30
17秒前
lll发布了新的文献求助10
17秒前
Coral.发布了新的文献求助10
17秒前
活泼水桃发布了新的文献求助10
17秒前
练习时长两年半应助gar采纳,获得10
19秒前
小二郎应助Kikua采纳,获得10
19秒前
贰鸟应助吃饺子不蘸醋采纳,获得20
19秒前
tczw667完成签到,获得积分10
20秒前
yar应助Yolo采纳,获得10
21秒前
22秒前
赘婿应助jackhlj采纳,获得30
23秒前
jiangzhong发布了新的文献求助10
24秒前
高分求助中
A new approach to the extrapolation of accelerated life test data 1000
Picture Books with Same-sex Parented Families: Unintentional Censorship 700
ACSM’s Guidelines for Exercise Testing and Prescription, 12th edition 500
Nucleophilic substitution in azasydnone-modified dinitroanisoles 500
不知道标题是什么 500
Indomethacinのヒトにおける経皮吸収 400
Phylogenetic study of the order Polydesmida (Myriapoda: Diplopoda) 370
热门求助领域 (近24小时)
化学 材料科学 医学 生物 工程类 有机化学 生物化学 物理 内科学 纳米技术 计算机科学 化学工程 复合材料 遗传学 基因 物理化学 催化作用 冶金 细胞生物学 免疫学
热门帖子
关注 科研通微信公众号,转发送积分 3976177
求助须知:如何正确求助?哪些是违规求助? 3520366
关于积分的说明 11202970
捐赠科研通 3256899
什么是DOI,文献DOI怎么找? 1798535
邀请新用户注册赠送积分活动 877725
科研通“疑难数据库(出版商)”最低求助积分说明 806516