Computer Science, 2022, Vol. 49, Issue (11A): 211000039-11. doi: 10.11896/jsjkx.211000039
王珏, 芦斌, 祝跃飞
WANG Jue, LU Bin, ZHU Yue-fei
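Abstract: The explosive development of artificial intelligence technology is profoundly affecting the strategic landscape of cyberspace security, and it has shown great potential in the field of intrusion detection. Recent research has found that machine learning models are seriously vulnerable: adversarial examples derived from this vulnerability can greatly reduce a model's detection accuracy by adding only slight perturbations to the original samples. Academia has studied the generation and application of adversarial images extensively and in depth in the field of image classification. In the field of intrusion detection, however, the exploration of adversarial network traffic is still developing. After introducing the basic concepts, threat models and evaluation metrics of adversarial network traffic, this paper summarizes recent research on adversarial network traffic and, according to how and on what principle the traffic is generated, divides the generation methods into 5 categories: gradient-based generation methods, optimization-based generation methods, GAN-based generation methods, decision-based generation methods and transfer-based generation methods. Through a discussion of related issues, it gives an outlook on the development trend of this technology.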