Classification of Adversarial Attacks Using Ensemble Clustering Approach

Abstract

As more business transactions and information services have been implemented via communication networks, both personal and organizational assets encounter a higher risk of attacks. To safeguard these, a perimeter defence like a NIDS (network-based intrusion detection system) can be effective for known intrusions. There has been a great deal of attention within the joint community of security and data science on improving machine-learning-based NIDS so that it becomes more accurate against adversarial attacks, where obfuscation techniques are applied to disguise patterns of intrusive traffic. The current research focuses on non-payload connections at the TCP (transmission control protocol) stack level, which is applicable to different network applications. In contrast to the wrapper method introduced with the benchmark dataset, three new filter models are proposed to transform the feature space without knowledge of class labels. These ECT (ensemble clustering based transformation) techniques, i.e., ECT-Subspace, ECT-Noise and ECT-Combined, are developed using the concept of ensemble clustering and three different ensemble generation strategies, i.e., random feature subspace, feature noise injection and their combinations. Based on the empirical study with a published dataset and four classification algorithms, the new models usually outperform the original wrapper and other filter alternatives found in the literature. This conclusion holds for both the first experiment, on basic classification of legitimate connections and direct attacks, and the second, which focuses on recognizing obfuscated intrusions. In addition, an analysis of algorithmic parameters, i.e., ensemble size and level of noise, is provided as a guideline for practical use.

Publication DOI: https://doi.org/10.32604/cmc.2023.024858
Divisions: College of Engineering & Physical Sciences
College of Engineering & Physical Sciences > School of Computer Science and Digital Technologies > Software Engineering & Cybersecurity
College of Engineering & Physical Sciences > School of Computer Science and Digital Technologies
Aston University (General)
Additional Information: © 2022. This work is licensed under a Creative Commons Attribution 4.0 International License https://creativecommons.org/licenses/by/4.0/, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. Funding Information: This work is funded by Newton Institutional Link 2020–21 project (NRCT and British Council) and the corresponding author is the project PI. This paper invents and evaluates an ensemble-based data transformation method on network security data (guided by Dr Naik and Dr Yang), then it will be further exploited to classify burnt scar samples in remote sensing images. The authors would like to thank Prof. Qiang Shen and his team at Aberystwyth University for consultation, and Thai partners (GISTDA, DTI, Department of Forestry and RMUTL Chiang Rai) for support.
Uncontrolled Keywords: adversarial attack, ensemble clustering, feature transformation, intrusion detection, machine learning, Biomaterials, Modelling and Simulation, Mechanics of Materials, Computer Science Applications, Electrical and Electronic Engineering
Publication ISSN: 1546-2226
Last Modified: 09 Dec 2024 08:52
Date Deposited: 02 Dec 2022 14:28
Related URLs: https://www.tec ... 74n2/50187/html (Publisher URL)
PURE Output Type: Article
Published Date: 2023
Published Online Date: 2022-10-31
Accepted Date: 2022-05-05
Authors: Tatongjai, Pongsakorn
Boongoen, Tossapon
Iam-On, Natthakan
Naik, Nitin (ORCID Profile 0000-0002-0659-9646)
Yang, Longzhi

Version: Published Version

License: Creative Commons Attribution
