Abstract
With machine learning now widely deployed, including in intrusion detection systems (IDS), this paper proposes a novel attack on IDS based on SVM (Support Vector Machine): the poisoning attack. The attack tampers with the training data to mislead the SVM learning process, lowering the rate at which the IDS classification model recognizes attack traffic. We model the poisoning attack as an optimization problem and solve it with a numerical method to obtain the attack samples. Experiments use the NSL-KDD data set, which contains several attack types, and the effect of the attack is evaluated by two measures, the recall and precision of attack traffic. Compared with existing methods, the experimental results show that the proposed method degrades the detection rate of the IDS more effectively. We hope this study deepens the understanding of novel attacks on machine learning and provides a basis for subsequent research on the corresponding defense mechanisms.
Authors
QIAN Ya-guan (钱亚冠)
LU Hong-bo (卢红波)
JI Shou-ling (纪守领)
ZHOU Wu-jie (周武杰)
WU Shu-hui (吴淑慧)
LEI Jing-sheng (雷景生)
TAO Xiang-xing (陶祥兴)
Affiliations
School of Science & Big Data Science, Zhejiang University of Science and Technology, Hangzhou, Zhejiang 310023, China
College of Computer Science and Technology, Zhejiang University, Hangzhou, Zhejiang 310058, China
School of Information and Electronic Engineering, Zhejiang University of Science and Technology, Hangzhou, Zhejiang 310023, China
Source
Acta Electronica Sinica (《电子学报》)
Indexed in: EI, CAS, CSCD, Peking University Core Journals
2019, No. 1, pp. 59-65 (7 pages)
Funding
Zhejiang Provincial Natural Science Foundation (No. LY17F020011, No. LY18F020012)
National Natural Science Foundation of China (No. 61772466, No. 61672337, No. 11771399)
Keywords
machine learning
support vector machine (SVM)
intrusion detection
poisoning attack
bilevel optimization