Computer Science, 2025, Vol. 52, Issue (2): 362-373. doi: 10.11896/jsjkx.240300009

• Information Security •

Traffic Adversarial Example Defense Based on Feature Transfer

HE Yuankang¹, MA Hailong¹,², HU Tao¹, JIANG Yiming¹,², ZHANG Peng¹, LIANG Hao¹

  ¹ PLA Strategic Support Force Information Engineering University, Zhengzhou 450000, China
  ² Key Laboratory of Cyberspace Security Ministry of Education, Zhengzhou 450000, China
  • Received: 2024-03-01 Revised: 2024-07-19 Online: 2025-02-15 Published: 2025-02-17
  • About author: HE Yuankang, born in 1999, postgraduate. His main research interests include cyberspace security, machine learning and adversarial example attack.
    MA Hailong, born in 1980, Ph.D, professor, Ph.D supervisor. His main research interests include endogenous security in cyberspace, intelligent awareness of cyber threats, and innovative cyber systems.
  • Supported by:
    Xiong'an New Area Science and Technology Innovation Special Project (2022XAGG0111) and Young Scientists Fund of the National Natural Science Foundation of China (62002383).

Abstract: In the domain of traffic detection, the challenge of defending against adversarial examples is significant. Traditional adversarial example defense methods, which rely heavily on adversarial training, necessitate a vast quantity of adversarial examples for training purposes. However, a notable drawback of such approaches is the resultant decrease in the recognition accuracy of the original, unaltered data. This reduction in accuracy poses a substantial problem, as it compromises the effectiveness of the defense mechanism in recognizing legitimate traffic patterns. To address these challenges, a novel approach to traffic adversarial example defense has been proposed, leveraging the concept of feature transfer. This innovative method ingeniously combines two strategic defense philosophies: firstly, enhancing the robustness of the model against adversarial attacks, and secondly, obfuscating the space within which adversarial examples operate. The defense mechanism is architecturally composed of two integral modules: a lower-level defense module equipped with denoising capabilities, and a recognition module designed for the explicit purpose of identifying traffic patterns. The cornerstone of this approach is the employment of a stacked autoencoder as the foundational element of the lower-level defense module. This choice is pivotal, as the autoencoder excels in adversarial knowledge learning, thereby endowing the system with the capability to extract and understand adversarial features effectively. This is a critical step in ensuring that the defense mechanism can preemptively neutralize potential adversarial threats. Subsequently, the system embarks on a phase of functional adaptation, tailored specifically to the characteristics of network traffic. This phase involves the construction of adaptive functionalities based on the distinct features of traffic, followed by the training of the recognition module using non-adversarial traffic data. This strategic training empowers the recognition module with the ability to accurately identify legitimate traffic patterns, thereby significantly enhancing the overall efficacy of the defense mechanism. A key innovation of this method is the conceptual separation of defense and recognition functionalities. This separation not only reduces the operational costs associated with defense but also minimizes the adverse impact of adversarial training on the recognition accuracy of original data. As a result, the system achieves a rapid adaptation to evolving threats, significantly improving the model's defensive resilience. Empirical evidence supports the effectiveness of this approach, with the recognition accuracy for new adversarial examples experiencing a substantial increase to approximately 40%. This improvement marks a significant advancement in the field of traffic detection and adversarial example defense, offering a promising avenue for future research and development.

Key words: Intrusion detection, Traffic adversarial example, Adversarial example defense, Defensive knowledge transfer

CLC Number: TP309