Abstract
Deep learning algorithms are widely used in network traffic classification and achieve good classification results. Applying a convolutional neural network not only greatly improves the accuracy of network traffic classification but also simplifies the classification process. However, neural networks face security threats such as adversarial attacks, and the impact of these threats on neural-network-based network traffic classification needs further research and verification. This paper proposes an adversarial attack method against network traffic classification based on convolutional neural networks. By adding perturbations that are difficult for the human eye to recognize to the deep learning input images converted from network traffic, the attack causes the convolutional neural network to misclassify the traffic. In response to this attack method, the paper also proposes a defense based on mixed adversarial training, which trains on a mixture of the adversarial traffic samples generated by the attack and the original traffic samples to enhance the robustness of the classification model. The proposed methods are evaluated on public data sets. The experimental results show that the proposed adversarial attack method causes a sharp drop in the accuracy of the network traffic classification method based on convolutional neural networks, and that mixed adversarial training can effectively resist the adversarial attack, thereby improving the robustness of the model.
Authors
YANG Yang (羊洋); CHEN Wei (陈伟); ZHANG Dan-yi (张丹懿); WANG Dan-ni (王丹妮); SONG Shuang (宋爽)
School of Information and Software Engineering (Software Engineering), University of Electronic Science and Technology of China, Chengdu 610054, China
Source
Computer Science (《计算机科学》)
CSCD
Peking University Core Journal (北大核心)
2021, Issue 7, pp. 55-61 (7 pages)
Funding
Sichuan Science and Technology Program (2020YFSY0010).
Keywords
Machine learning
Deep learning
Adversarial attack
Traffic classification
Adversarial training