Adversarial Machine Learning Attacks and Defense Methods in the Cyber Security Domain

TL;DR

This paper reviews adversarial machine learning attacks and defenses in cybersecurity, highlighting unique challenges, categorizing methods, and proposing future research directions in this critical domain.

Contribution

It provides the first comprehensive taxonomy of adversarial attacks and defenses specific to cybersecurity, addressing unique challenges and future research needs.

Findings

Characterization of attack methods based on attack stage, goals, and capabilities.

Categorization of attack and defense applications in cybersecurity.

Discussion of recent research characteristics and future directions.

Abstract

In recent years machine learning algorithms, and more specifically deep learning algorithms, have been widely used in many fields, including cyber security. However, machine learning systems are vulnerable to adversarial attacks, and this limits the application of machine learning, especially in non-stationary, adversarial environments, such as the cyber security domain, where actual adversaries (e.g., malware developers) exist. This paper comprehensively summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques and illuminates the risks they pose. First, the adversarial attack methods are characterized based on their stage of occurrence, and the attacker's goals and capabilities. Then, we categorize the applications of adversarial attack and defense methods in the cyber security domain. Finally, we highlight some characteristics identified in recent research and discuss the impact of recent advancements in other adversarial learning domains on future research directions in the cyber security domain. This paper is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain, map them in a unified taxonomy, and use the taxonomy to highlight future research directions.