<p>The swift incorporation of cutting edge technologies has expanded the range for a potential adversary to conduct adaptive attacks against systems and despite progress in detection, machine learning based security remains vulnerable, highlighting the need for more robust and reliable defense methods. Existing DDoS detection techniques are not resilient against adaptive adversarial manipulation and instead concentrate on accuracy under benign circumstances. To defend against adversarial attacks, this paper presents a reliable and comprehensible intrusion detection paradigm and to improve detection transparency and reliability, the suggested method utilizes Graph Neural Networks (GNNs), Deep Neural Network (DNN), DeepFool, First Gradient Sign Method (FGSM) and an ensemble-based (DeepFool with FGSM) adversarial training procedure, we introduce a novel adversarial dataset, AdvCICDDoS2019, constructed by injecting four types of adversarial attacks, Adversarial Perturbation (AP), Adversarial Outlier Injection (AOI), Adversarial Noise Injection (ANI), and Adversarial Benign (AB), into the original CICDDoS2019 dataset. During training, adversarial perturbations based on DeepFool and FGSM are combined to improve robustness, while SHAP and LIME are utilized to offer both extensive and instance-level interpretability and the extensive experimental tests show that the proposed framework threefold exceeds current methods by between 4% and 12% in a range of attack scenarios. The model is quite resilient against smartly constructed traffic, with a detection accuracy of up to 97% under hostile settings. The results further demonstrate that the reliability of the model is improved by adding explainable adversarial defense mechanisms and adding graph-aware learning improves the system’s ability to recognize complex traffic connections, leading to more transparent and robust IoT intrusion detection.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

An optimized graph neural network approach for robust and explainable IoT intrusion detection against adversarial attacks

  • Uzma Ghulam Mohammad,
  • Adil Afzal,
  • Saleh Alghamdi,
  • Anila Amjad,
  • Saud Yonbawi,
  • Muhammad Rizwan,
  • Ovidiu Bagdasar,
  • Kadar Manuella

摘要

The swift incorporation of cutting edge technologies has expanded the range for a potential adversary to conduct adaptive attacks against systems and despite progress in detection, machine learning based security remains vulnerable, highlighting the need for more robust and reliable defense methods. Existing DDoS detection techniques are not resilient against adaptive adversarial manipulation and instead concentrate on accuracy under benign circumstances. To defend against adversarial attacks, this paper presents a reliable and comprehensible intrusion detection paradigm and to improve detection transparency and reliability, the suggested method utilizes Graph Neural Networks (GNNs), Deep Neural Network (DNN), DeepFool, First Gradient Sign Method (FGSM) and an ensemble-based (DeepFool with FGSM) adversarial training procedure, we introduce a novel adversarial dataset, AdvCICDDoS2019, constructed by injecting four types of adversarial attacks, Adversarial Perturbation (AP), Adversarial Outlier Injection (AOI), Adversarial Noise Injection (ANI), and Adversarial Benign (AB), into the original CICDDoS2019 dataset. During training, adversarial perturbations based on DeepFool and FGSM are combined to improve robustness, while SHAP and LIME are utilized to offer both extensive and instance-level interpretability and the extensive experimental tests show that the proposed framework threefold exceeds current methods by between 4% and 12% in a range of attack scenarios. The model is quite resilient against smartly constructed traffic, with a detection accuracy of up to 97% under hostile settings. The results further demonstrate that the reliability of the model is improved by adding explainable adversarial defense mechanisms and adding graph-aware learning improves the system’s ability to recognize complex traffic connections, leading to more transparent and robust IoT intrusion detection.