| 364 | 0 | 87 |
| Downloads | Citas | Reads |
The deep learning-based malicious traffic detection model is susceptible to adversarial attacks. In order to uncover security vulnerabilities with such models and find ways to enhance the robustness, an adversarial sample generation model(ReN-GAN) was proposed. Based on the principles of generative adversarial networks(GANs), the model could automatically generate relevant disguised traffic based on traffic features and utilize the transferability of adversarial samples to achieve black-box attacks. By introducing momentum iteration methods and adding constraints on perturbations, the generalization capability of disguised traffic adversarial samples while ensuring the functionality of the original traffic was enhanced. During training, the model was optimized by integrating meta-learning theory, enabling the target integrated model to capture the common decision boundaries of various models more effectively and enhancing the transferability of generated adversarial samples. Experimental results showed that the adversarial samples generated by the ReN-GAN model, while preserving the characteristics of the original traffic, achieved an average evasion rate of 54.1% on black-box detection models, significantly reducing the generation time compared to other methods. Furthermore, when trained on classifiers based on DNN, the ReN-GAN model required only five iterations to generate disguised traffic with an evasion rate of 62%, greatly reducing the interaction times.
[1] 周杰英,贺鹏飞,邱荣发,等.融合随机森林和梯度提升树的入侵检测研究[J].软件学报,2021,32(10):3254-3265.ZHOU J Y,HE P F,QIU R F,et al.Research on intrusion detection based on random forest and gradient boosting tree[J].Journal of software,2021,32(10):3254-3265.
[2] 魏明军,闫旭文,纪占林,等.基于CNN与LightGBM的入侵检测研究[J].郑州大学学报(理学版),2023,55(6):35-40.WEI M J,YAN X W,JI Z L,et al.Research on intrusion detection based on CNN and LightGBM[J].Journal of Zhengzhou university (natural science edition),2023,55(6):35-40.
[3] 余正飞,闫巧,周鋆.面向网络空间防御的对抗机器学习研究综述[J].自动化学报,2022,48(7):1625-1649.YU Z F,YAN Q,ZHOU Y.A survey on adversarial machine learning for cyberspace defense[J].Acta automatica sinica,2022,48(7):1625-1649.
[4] 侯剑,鲁辉,刘方爱,等.加密恶意流量检测及对抗综述[J].软件学报,2024,35(1):333-355.HOU J,LU H,LIU F A,et al.Detection and countermeasure of encrypted malicious traffic:a survey[J].Journal of software,2024,35(1):333-355.
[5] 纪守领,李进锋,杜天宇,等.机器学习模型可解释性方法、应用与安全研究综述[J].计算机研究与发展,2019,56(10):2071-2096.JI S L,LI J F,DU T Y,et al.Survey on techniques,applications and security of machine learning interpretability[J].Journal of computer research and development,2019,56(10):2071-2096.
[6] SZEGEDY C,ZAREMBA W,SUTSKEVER I,et al.Intriguing properties of neural networks[EB/OL].(2013-12-21)[2024-04-10].http://arxiv.org/abs/1312.6199.
[7] GOODFELLOW I J,SHLENS J,SZEGEDY C.Explaining and harnessing adversarial examples[EB/OL].(2014-12-20)[2024-04-10].https://arxiv.org/abs/1412.6572.
[8] KURAKIN A,GOODFELLOW I J,BENGIO S.Adversarial examples in the physical world[M]//Artificial Intelligence Safety and Security.Boca Raton:CRC Press,2018:99-112.
[9] XIAO C W,LI B,ZHU J Y,et al.Generating adversarial examples with adversarial networks[EB/OL].(2018-01-08)[2024-04-10].http://arxiv.org/abs/1801.02610.
[10] 胡永进,郭渊博,马骏,等.基于对抗样本的网络欺骗流量生成方法[J].通信学报,2020,41(9):59-70.HU Y J,GUO Y B,MA J,et al.Method to generate cyber deception traffic based on adversarial sample[J].Journal on communications,2020,41(9):59-70.
[11] 潘一鸣,林家骏.基于生成对抗网络的恶意网络流生成及验证[J].华东理工大学学报(自然科学版),2019,45(2):344-350.PAN Y M,LIN J J.Generation and verification of malicious network flow based on generative adversarial networks[J].Journal of East China university of science and technology,2019,45(2):344-350.
[12] 李沛洋,李璇,陈俊杰,等.面向规避僵尸网络流量检测的对抗样本生成[J].计算机工程与应用,2022,58(4):126-133.LI P Y,LI X,CHEN J J,et al.Adversarial sample generation for evading botnet traffic detection[J].Computer engineering and applications,2022,58(4):126-133.
[13] DONG Y P,LIAO F Z,PANG T Y,et al.Boosting adversarial attacks with momentum[C]//IEEE/CVF Conference on Computer Vision and Pattern Recognition.Piscataway:IEEE Press,2018:9185-9193.
[14] NICHOL A,ACHIAM J,SCHULMAN J.On first-order meta-learning algorithms[EB/OL].(2018-05-08)[2024-04-10].http://arxiv.org/abs/1803.02999.
[15] GOODFELLOW I J,POUGET-ABADIE J,MIRZA M,et al.Generative adversarial networks[EB/OL].(2014-06-10)[2024-04-10].http://arxiv.org/abs/1406.2661.
[16] USAMA M,ASIM M,LATIF S,et al.Generative adversarial networks for launching and thwarting adversarial attacks on network intrusion detection systems[C]//International Wireless Communications & Mobile Computing Conference.Piscataway:IEEE Press,2019:78-83.
[17] REVATHI S,MALATHI A.A detailed analysis on NSL-KDD dataset using various machine learning techniques for intrusion detection[J].International journal of engineering research & technology,2013,2(12):1848-1853.
[18] 杭梦鑫,陈伟,张仁杰.基于改进的一维卷积神经网络的异常流量检测[J].计算机应用,2021,41(2):433-440.HANG M X,CHEN W,ZHANG R J.Abnormal flow detection based on improved one-dimensional convolutional neural network[J].Journal of computer applications,2021,41(2):433-440.
[19] 刘月峰,蔡爽,杨涵晰,等.融合CNN与BiLSTM的网络入侵检测方法[J].计算机工程,2019,45(12):127-133.LIU Y F,CAI S,YANG H X,et al.Network intrusion detection method integrating CNN and BiLSTM[J].Computer engineering,2019,45(12):127-133.
[20] 李俊,夏松竹,兰海燕,等.基于GRU-RNN的网络入侵检测方法[J].哈尔滨工程大学学报,2021,42(6):879-884.LI J,XIA S Z,LAN H Y,et al.Network intrusion detection method based on GRU-RNN[J].Journal of Harbin engineering university,2021,42(6):879-884.
Basic Information:
DOI:10.13705/j.issn.1671-6841.2024118
China Classification Code:TP393.08;TP18
Citation Information:
[1]ZOU Yuanhuai,ZHANG Shufen,ZHANG Zucuan ,et al.The Pseudorandom Traffic Generation Model Based on GAN and Meta-learning[J].Journal of Zhengzhou University(Natural Science Edition),2026,58(01):35-42.DOI:10.13705/j.issn.1671-6841.2024118.
Fund Information:
国家自然科学基金项目(U20A20179)
2024-10-21
2024-10-21
2024-10-21