Computer Science (计算机科学) ›› 2021, Vol. 48 ›› Issue (7): 55-61. doi: 10.11896/jsjkx.210100095

Special topic: Artificial Intelligence Security

Adversarial Attacks Threatened Network Traffic Classification Based on CNN

YANG Yang, CHEN Wei, ZHANG Dan-yi, WANG Dan-ni, SONG Shuang

  1. School of Information and Software Engineering (Software Engineering), University of Electronic Science and Technology of China, Chengdu 610054, China
  • Received: 2021-01-12 Revised: 2021-03-17 Online: 2021-07-15 Published: 2021-07-02
  • Corresponding author: CHEN Wei (chenwei@uestc.edu.cn)
  • About author: YANG Yang, born in 1997, postgraduate. His main research interest includes information security of artificial intelligence. (201922090428@std.uestc.edu.cn)
    CHEN Wei, born in 1978, Ph.D, associate professor. His main research interest includes network security and so on.
  • Supported by:
    Science and Technology Projects of Sichuan Province (2020YFSY0010).

Abstract: Deep learning algorithms are widely used in network traffic classification and achieve good classification results. Convolutional neural networks can not only greatly improve the accuracy of network traffic classification but also simplify the classification process. However, neural networks face security threats such as adversarial attacks, and the impact of these threats on neural-network-based network traffic classification needs further research and verification. This paper proposes an adversarial attack method against network traffic classification based on convolutional neural networks. By adding perturbations that are difficult for the human eye to recognize to the deep learning input images converted from network traffic, it causes the convolutional neural network to misclassify the traffic. To counter this attack method, the paper also proposes a defense based on mixed adversarial training, which trains on a mixture of the adversarial traffic samples generated by the attack and the original traffic samples to enhance the robustness of the classification model. We evaluate the proposed method on public data sets. The experimental results show that the proposed adversarial attack method causes a sharp drop in the accuracy of the network traffic classification method based on convolutional neural networks, and that the proposed mixed adversarial training can effectively resist the adversarial attack, thereby improving the robustness of the network traffic classification model.

Key words: Adversarial attack, Adversarial training, Deep learning, Machine learning, Traffic classification

CLC Number: TP391