Strengthening IDS against Evasion Attacks with GAN-based Adversarial Samples in SDN-enabled network

RESEARCH CREW
21:20 19/06/2021

With the growing number of smart devices in the Smart City context, Software Defined Networking (SDN) is considered a vital principle for managing a large-scale heterogeneous network from a centralized controller. To deal with cyberattacks against such networks, an intrusion detection system (IDS) is built to recognize attacks and alert the system administrator so that an appropriate response can follow. Currently, machine learning-based IDS (ML-IDS) has been explored and is still being developed. However, these systems give a high rate of false alerts and are easily deceived by sophisticated attacks, such as attack variants that contain perturbations. Therefore, it is necessary to continuously evaluate and improve these systems by simulating mutations of real-world network attacks. Relying on Generative Adversarial Networks (GANs), we introduce DIGFuPAS, a framework that generates cyberattack data flows capable of bypassing ML-IDS. It can generate malicious data streams, mutated from real attack traffic, that the IDS fails to detect. The generated traffic flows are then used to retrain the ML-IDS, improving its robustness in detecting sophisticated attacks. The experiments are performed and evaluated on two criteria, detection rate (DR) and F1 score (F1), on the public CICIDS2017 dataset. Once integrated as an automated sustainability test pipeline for SDN-enabled networks, DIGFuPAS can be used to continuously pentest and evaluate the IDS's capability.
