Mitigating Evasion Attacks in Fog Computing Resource Provisioning Through Proactive Hardening

TL;DR

This paper addresses the vulnerability of fog computing resource provisioning to evasion attacks on ML-based clustering, proposing a proactive adversarial training method to enhance system robustness.

Contribution

It introduces a novel proactive defense strategy using adversarial training to protect k-means based resource provisioning from model integrity attacks.

Findings

Proposed adversarial training improves attack robustness.

Mitigation maintains system stability under attack.

Effective defense against query-based reverse engineering.

Abstract

This paper investigates the susceptibility to model integrity attacks that overload virtual machines assigned by the k-means algorithm used for resource provisioning in fog networks. The considered k-means algorithm runs two phases iteratively: offline clustering to form clusters of requested workload and online classification of new incoming requests into offline-created clusters. First, we consider an evasion attack against the classifier in the online phase. A threat actor launches an exploratory attack using query-based reverse engineering to discover the Machine Learning (ML) model (the clustering scheme). Then, a passive causative (evasion) attack is triggered in the offline phase. To defend the model, we suggest a proactive method using adversarial training to introduce attack robustness into the classifier. Our results show that our mitigation technique effectively maintains the stability of the resource provisioning system against attacks.