Are machine learning based intrusion detection system always secure? An insight into tampered learning

Rupam Kumar Sharma*, Hemanta Kr Kalita, Biju Issac

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

3 Citations (Scopus)
17 Downloads (Pure)

Abstract

Machine Learning is successful in many applications including securing a network from unseen attack. The application of learning algorithm for detecting anomaly in a Network has been fundamental since few years. With increasing use of machine learning techniques it has become important to study to what extent it is good to be dependent on them. Altogether a different discipline called 'Adversarial Learning' have come up as a separate dimension of study. The work in this paper is to test the robustness of online machine learning based IDS to carefully crafted packets by attacker called poison packets. The objective is to observe how a remote attacker can deviate the normal behavior of machine learning based classifier in the IDS by injecting the network with carefully crafted packets externally, that may seem normal by the classification algorithm and the instance made part of its future training set. This behavior eventually can lead to a poison learning by the classification algorithm in the long run, resulting in misclassification of true attack instances. This work explores one such approach with SOM and SVM as the online learning based classification algorithms.

Original languageEnglish
Pages (from-to)3635-3651
Number of pages17
JournalJournal of Intelligent and Fuzzy Systems
Volume35
Issue number3
DOIs
Publication statusPublished - 1 Oct 2018
Externally publishedYes

Keywords

  • Adversarial learning
  • artificial intelligence
  • intrusion detection system
  • machine learning
  • NSL-KDD dataset
  • poison learning
  • support vectors
  • SVM

Fingerprint

Dive into the research topics of 'Are machine learning based intrusion detection system always secure? An insight into tampered learning'. Together they form a unique fingerprint.

Cite this