Evaluation of Adversarial Training on Different Types of Neural Networks in Deep Learning-based IDSs

TL;DR

This paper evaluates the robustness of deep learning-based intrusion detection systems against adversarial attacks, demonstrating that adversarial training improves resilience across various neural network architectures and datasets.

Contribution

It investigates the effectiveness of adversarial training using a min-max approach on CNN and RNN models for IDS, which is a novel application in this context.

Findings

Adversarial training enhances robustness against multiple attack methods.

Different neural network architectures benefit from adversarial training.

The approach is validated on benchmark datasets.

Abstract

Network security applications, including intrusion detection systems of deep neural networks, are increasing rapidly to make detection task of anomaly activities more accurate and robust. With the rapid increase of using DNN and the volume of data traveling through systems, different growing types of adversarial attacks to defeat them create a severe challenge. In this paper, we focus on investigating the effectiveness of different evasion attacks and how to train a resilience deep learning-based IDS using different Neural networks, e.g., convolutional neural networks (CNN) and recurrent neural networks (RNN). We use the min-max approach to formulate the problem of training robust IDS against adversarial examples using two benchmark datasets. Our experiments on different deep learning algorithms and different benchmark datasets demonstrate that defense using an adversarial training-based min-max approach improves the robustness against the five well-known adversarial attack methods.