Diffusion-based Adversarial Purification for Intrusion Detection

TL;DR

This paper explores the use of diffusion models for purifying adversarial examples in network intrusion detection, enhancing robustness against sophisticated cyberattacks while maintaining normal detection performance.

Contribution

It introduces the application of diffusion-based adversarial purification in intrusion detection and analyzes diffusion parameters for optimal robustness.

Findings

Diffusion models effectively purify adversarial examples in intrusion detection.

Optimal diffusion configurations improve robustness with minimal impact on normal detection.

Insights into the relationship between diffusion noise and steps are provided.

Abstract

The escalating sophistication of cyberattacks has encouraged the integration of machine learning techniques in intrusion detection systems, but the rise of adversarial examples presents a significant challenge. These crafted perturbations mislead ML models, enabling attackers to evade detection or trigger false alerts. As a reaction, adversarial purification has emerged as a compelling solution, particularly with diffusion models showing promising results. However, their purification potential remains unexplored in the context of intrusion detection. This paper demonstrates the effectiveness of diffusion models in purifying adversarial examples in network intrusion detection. Through a comprehensive analysis of the diffusion parameters, we identify optimal configurations maximizing adversarial robustness with minimal impact on normal performance. Importantly, this study reveals insights into the relationship between diffusion noise and diffusion steps, representing a novel contribution to the field. Our experiments are carried out on two datasets and against 5 adversarial attacks. The implementation code is publicly available.