Funding: This project was funded by the Deanship of Scientific Research (DSR) at King Abdulaziz University, Jeddah, under Grant No. (RG-91-611-42).
Abstract: The Deep Neural Network (DNN) training process is widely affected by backdoor attacks. A backdoor attack is excellent at concealing its identity in the DNN by performing well on regular samples and displaying malicious behavior with data poisoning triggers. State-of-the-art backdoor attacks mainly follow the assumption that the trigger is sample-agnostic and that different poisoned samples use the same trigger. To overcome this problem, in this work we create a backdoor attack to check its strength to withstand complex defense strategies, and to achieve this objective, we develop an improved Convolutional Neural Network (ICNN) model optimized using a Gradient-based Optimization (GBO) algorithm (ICNN-GBO). In the ICNN-GBO model, we inject the triggers via a steganography and regularization technique. We generate triggers using a single pixel, irregular shapes, and different sizes. The performance of the proposed methodology is evaluated using different performance metrics such as attack success rate, stealthiness, pollution index, anomaly index, entropy index, and functionality. When the CNN-GBO model is trained with the poisoned dataset, it will map the malicious code to the target label. The proposed scheme’s effectiveness is verified by experiments conducted on two benchmark datasets, namely CIFAR-10 and MS-Celeb-1M. The results demonstrate that the proposed methodology offers significant defense against conventional backdoor attack detection frameworks such as STRIP and Neural Cleanse.
Funding: This project was funded by the Deanship of Scientific Research (DSR) at King Abdulaziz University, Jeddah, under Grant No. RG-91-611-42.
Abstract: Detecting anomalous entities in real-time network traffic is a popular area of research in recent times. Very few studies have focused on creating malware that fools the intrusion detection system, and this paper focuses on this topic. We use Deep Convolutional Generative Adversarial Networks (DCGAN) to trick the malware classifier into believing that the malware is a normal entity. In this work, a new dataset is created to fool Artificial Intelligence (AI) based malware detectors, and it consists of different types of attacks such as Denial of Service (DoS), scan 11, scan 44, botnet, spam, User Datagram Protocol (UDP) scan, and ssh scan. The discriminator used in the DCGAN discriminates between two different attack classes (anomaly and synthetic) and one normal class. The model collapse, instability, and vanishing gradient issues associated with the DCGAN are overcome using the proposed hybrid Aquila optimizer-based Mine blast harmony search algorithm (AO-MBHS). This algorithm helps the generator create realistic malware samples that go undetected by the discriminator. The performance of the proposed methodology is evaluated using different performance metrics such as training time, detection rate, F-score, loss function, accuracy, false alarm rate, etc. The superiority of the hybrid AO-MBHS based DCGAN model is noticed when the detection rate changes to 0 after the retraining method, making the defensive technique hard for the malware detection system to notice. A support vector machine (SVM) is used as the malicious traffic detection application, and its true positive rate (TPR) goes from 80% to 0% after retraining the proposed model, which shows the efficiency of the proposed model in hiding the samples.