Employing Deep Ensemble Learning for Improving the Security of Computer Networks against Adversarial Attacks

Ehsan Nowroozi; Mohammadreza Mohammadi; Erkay Savas; Yassine Mekdad; Mauro Conti

doi:10.1109/TNSM.2023.3267831

Employing Deep Ensemble Learning for Improving the Security of Computer Networks against Adversarial Attacks

Ehsan Nowroozi, Mohammadreza Mohammadi, Erkay Savas, Yassine Mekdad, Mauro Conti

Cyber Security

Research output: Contribution to journal › Article › Scientific › peer-review

9 Downloads (Pure)

Abstract

In the past few years, Convolutional Neural Networks (CNN) have demonstrated promising performance in various real-world cybersecurity applications, such as network and multimedia security. However, the underlying fragility of CNN structures poses major security problems, making them inappropriate for use in security-oriented applications, including computer networks. Protecting these architectures from adversarial attacks necessitates using security-wise architectures that are challenging to attack. In this study, we present a novel architecture based on an ensemble classifier that combines the enhanced security of 1-Class classification (known as 1C) with the high performance of conventional 2-Class classification (known as 2C) in the absence of attacks. Our architecture is referred to as the 1.5-Class (cmb-classifier) classifier and is constructed using a final dense classifier, one 2C classifier (i.e., CNNs), and two parallel 1C classifiers (i.e., auto-encoders). In our experiments, we evaluated the robustness of our proposed architecture by considering eight possible adversarial attacks in various scenarios. We performed these attacks on the 2C and cmb-classifier architectures separately. The experimental results of our study showed that the Attack Success Rate (ASR) of the I-FGSM attack against a 2C classifier trained with the N-BaIoT dataset is 0.9900. In contrast, the ASR is 0.0000 for the cmb-classifier.

Original language	English
Pages (from-to)	2096-2105
Number of pages	10
Journal	IEEE Transactions on Network and Service Management
Volume	20
Issue number	2
DOIs	https://doi.org/10.1109/TNSM.2023.3267831
Publication status	Published - 2023

Bibliographical note

Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-care
Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.

Keywords

Adversarial Attacks
Adversarial Examples
Adversarial Machine Learning
Computer architecture
Computer networks
Computer security
Convolutional neural networks
Counter-Forensics
Cybersecurity
Deep-Learning Security
Ensemble Classifiers
Forensics
Secure Classification
Support vector machines
Training

Access to Document

10.1109/TNSM.2023.3267831

Employing_Deep_Ensemble_Learning_for_Improving_the_Security_of_Computer_Networks_Against_Adversarial_AttacksFinal published version, 3.08 MB

Cite this

@article{9fe719f40856458ca27c226acacb73c6,

title = "Employing Deep Ensemble Learning for Improving the Security of Computer Networks against Adversarial Attacks",

abstract = "In the past few years, Convolutional Neural Networks (CNN) have demonstrated promising performance in various real-world cybersecurity applications, such as network and multimedia security. However, the underlying fragility of CNN structures poses major security problems, making them inappropriate for use in security-oriented applications, including computer networks. Protecting these architectures from adversarial attacks necessitates using security-wise architectures that are challenging to attack. In this study, we present a novel architecture based on an ensemble classifier that combines the enhanced security of 1-Class classification (known as 1C) with the high performance of conventional 2-Class classification (known as 2C) in the absence of attacks. Our architecture is referred to as the 1.5-Class (cmb-classifier) classifier and is constructed using a final dense classifier, one 2C classifier (i.e., CNNs), and two parallel 1C classifiers (i.e., auto-encoders). In our experiments, we evaluated the robustness of our proposed architecture by considering eight possible adversarial attacks in various scenarios. We performed these attacks on the 2C and cmb-classifier architectures separately. The experimental results of our study showed that the Attack Success Rate (ASR) of the I-FGSM attack against a 2C classifier trained with the N-BaIoT dataset is 0.9900. In contrast, the ASR is 0.0000 for the cmb-classifier.",

keywords = "Adversarial Attacks, Adversarial Examples, Adversarial Machine Learning, Computer architecture, Computer networks, Computer security, Convolutional neural networks, Counter-Forensics, Cybersecurity, Deep-Learning Security, Ensemble Classifiers, Forensics, Secure Classification, Support vector machines, Training",

author = "Ehsan Nowroozi and Mohammadreza Mohammadi and Erkay Savas and Yassine Mekdad and Mauro Conti",

note = "Green Open Access added to TU Delft Institutional Repository {\textquoteleft}You share, we take care!{\textquoteright} – Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public. ",

year = "2023",

doi = "10.1109/TNSM.2023.3267831",

language = "English",

volume = "20",

pages = "2096--2105",

journal = "IEEE Transactions on Network and Service Management",

issn = "1932-4537",

publisher = "Institute of Electrical and Electronics Engineers (IEEE)",

number = "2",

}

TY - JOUR

T1 - Employing Deep Ensemble Learning for Improving the Security of Computer Networks against Adversarial Attacks

AU - Nowroozi, Ehsan

AU - Mohammadi, Mohammadreza

AU - Savas, Erkay

AU - Mekdad, Yassine

AU - Conti, Mauro

N1 - Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.

PY - 2023

Y1 - 2023

N2 - In the past few years, Convolutional Neural Networks (CNN) have demonstrated promising performance in various real-world cybersecurity applications, such as network and multimedia security. However, the underlying fragility of CNN structures poses major security problems, making them inappropriate for use in security-oriented applications, including computer networks. Protecting these architectures from adversarial attacks necessitates using security-wise architectures that are challenging to attack. In this study, we present a novel architecture based on an ensemble classifier that combines the enhanced security of 1-Class classification (known as 1C) with the high performance of conventional 2-Class classification (known as 2C) in the absence of attacks. Our architecture is referred to as the 1.5-Class (cmb-classifier) classifier and is constructed using a final dense classifier, one 2C classifier (i.e., CNNs), and two parallel 1C classifiers (i.e., auto-encoders). In our experiments, we evaluated the robustness of our proposed architecture by considering eight possible adversarial attacks in various scenarios. We performed these attacks on the 2C and cmb-classifier architectures separately. The experimental results of our study showed that the Attack Success Rate (ASR) of the I-FGSM attack against a 2C classifier trained with the N-BaIoT dataset is 0.9900. In contrast, the ASR is 0.0000 for the cmb-classifier.

AB - In the past few years, Convolutional Neural Networks (CNN) have demonstrated promising performance in various real-world cybersecurity applications, such as network and multimedia security. However, the underlying fragility of CNN structures poses major security problems, making them inappropriate for use in security-oriented applications, including computer networks. Protecting these architectures from adversarial attacks necessitates using security-wise architectures that are challenging to attack. In this study, we present a novel architecture based on an ensemble classifier that combines the enhanced security of 1-Class classification (known as 1C) with the high performance of conventional 2-Class classification (known as 2C) in the absence of attacks. Our architecture is referred to as the 1.5-Class (cmb-classifier) classifier and is constructed using a final dense classifier, one 2C classifier (i.e., CNNs), and two parallel 1C classifiers (i.e., auto-encoders). In our experiments, we evaluated the robustness of our proposed architecture by considering eight possible adversarial attacks in various scenarios. We performed these attacks on the 2C and cmb-classifier architectures separately. The experimental results of our study showed that the Attack Success Rate (ASR) of the I-FGSM attack against a 2C classifier trained with the N-BaIoT dataset is 0.9900. In contrast, the ASR is 0.0000 for the cmb-classifier.

KW - Adversarial Attacks

KW - Adversarial Examples

KW - Adversarial Machine Learning

KW - Computer architecture

KW - Computer networks

KW - Computer security

KW - Convolutional neural networks

KW - Counter-Forensics

KW - Cybersecurity

KW - Deep-Learning Security

KW - Ensemble Classifiers

KW - Forensics

KW - Secure Classification

KW - Support vector machines

KW - Training

UR - http://www.scopus.com/inward/record.url?scp=85153488689&partnerID=8YFLogxK

U2 - 10.1109/TNSM.2023.3267831

DO - 10.1109/TNSM.2023.3267831

M3 - Article

AN - SCOPUS:85153488689

SN - 1932-4537

VL - 20

SP - 2096

EP - 2105

JO - IEEE Transactions on Network and Service Management

JF - IEEE Transactions on Network and Service Management

IS - 2

ER -

Employing Deep Ensemble Learning for Improving the Security of Computer Networks against Adversarial Attacks

Abstract

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

Cite this