Activities per year
Abstract
Machine-learning based network intrusion detection systems (ML-NIDS) are increasingly popular in the fight against network attacks. In particular, promising detection results have been demonstrated in conjunction with Software-Defined Networks (SDN), in which the logically centralized control plane provides access to data from across the network. However,research into adversarial attacks against machine learning classifiers has highlighted vulnerabilities in a number of fields.These vulnerabilities raise concerns about the implementation of similar classifiers in anomaly-based NIDSs within SDNs. Inthis work, we investigate the viability of adversarial attacks against classifiers in this field. We implement an anomaly-based NIDS, Neptune, as a target platform that utilises a number of different machine learning classifiers and traffic flow features. We develop an adversarial test tool, Hydra, to evaluate the impact of adversarial evasion classifier attacks against Neptune with the goal of lowering the detection rate of malicious network traffic. The results demonstrate that with the perturbation ofa few features, the detection accuracy of a specific SYN flood Distributed Denial of Service (DDoS) attack by Neptune decreases from 100% to 0% across a number of classifiers. Based on these results, recommendations are made as to how to increase the robustness of classifiers against the demonstrated attacks.
Original language | English |
---|---|
Title of host publication | IEEE Conference on Network Functions Virtualization and Software Defined Networks 12/11/2019 → 14/11/2019 Dallas, United States |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
ISBN (Electronic) | 978-1-7281-4545-7 |
DOIs | |
Publication status | Published - 19 Mar 2020 |
Event | IEEE Conference on Network Functions Virtualization and Software Defined Networks - Dallas, United States Duration: 12 Nov 2019 → 14 Nov 2019 https://nfvsdn2019.ieee-nfvsdn.org/ |
Conference
Conference | IEEE Conference on Network Functions Virtualization and Software Defined Networks |
---|---|
Abbreviated title | IEEE NFV-SDN |
Country/Territory | United States |
City | Dallas |
Period | 12/11/2019 → 14/11/2019 |
Internet address |
Fingerprint
Dive into the research topics of 'Investigating Adversarial Attacks against Network Intrusion Detection Systems in SDNs'. Together they form a unique fingerprint.Activities
-
AI: Adversarial Attacks
Scott-Hayward, S. (Invited speaker)
08 Feb 2023Activity: Talk or presentation types › Invited talk
-
99.99% accurate - What's the problem?
Scott-Hayward, S. (Keynote speaker)
02 Sept 2022Activity: Talk or presentation types › Invited or keynote talk at national or international conference
-
Cyber AI - Panel
Scott-Hayward, S. (Speaker)
17 May 2022Activity: Talk or presentation types › Oral presentation
Prizes
-
Best Conference Paper Award, IEEE NFV-SDN 2019
Aiken, J. (Recipient) & Scott-Hayward, S. (Recipient), 2019
Prize: Prize (including medals and awards)
Research output
- 48 Citations
- 1 Article
-
Securing AI-based Security Systems
Scott-Hayward, S., 01 Jun 2022, GCSP Strategic Security Analysis, 25.Research output: Contribution to specialist publication › Article
Open AccessFile