Are Machine Learning Based Intrusion Detection System Always Secure? An insight into tampered learning

Rupam Kumar Sharma, H. R. Kalita, Biju Issac

    Research output: Contribution to journalArticlepeer-review

    168 Downloads (Pure)

    Abstract

    Machine Learning is successful in many applications including securing a network from unseen attack. The application of learning algorithm for detecting anomaly in a Network has been fundamental since few years. With increasing use of machine learning techniques it has become important to study to what extent it is good to be dependent on them. Altogether a different discipline called ‘Adversarial Learning’ have come up as a separate dimension of study. The work in this paper is to test the robustness of online machine learning based IDS to carefully crafted packets by attacker called poison packets. The objective is to observe how a remote attacker can deviate the normal behavior of machine learning based classifier in the IDS by injecting the network with carefully crafted packets externally, that may seem normal by the classification algorithm and the instance made part of its future training set. This behavior eventually can lead to a poison learning by the classification algorithm in the long run, resulting in misclassification of true attack instances. This work explores one such approach with SOM and SVM as the online learning based classification algorithms.
    Original languageEnglish
    Pages (from-to)3635-3651
    Number of pages17
    Journal Journal of Intelligent and Fuzzy Systems
    Volume35
    Issue number3
    Early online date17 Aug 2018
    DOIs
    Publication statusE-pub ahead of print - 17 Aug 2018

    Fingerprint

    Dive into the research topics of 'Are Machine Learning Based Intrusion Detection System Always Secure? An insight into tampered learning'. Together they form a unique fingerprint.

    Cite this