Employing Deep Ensemble Learning for Improving the Security of Computer Networks against Adversarial Attacks

Journal article (2023)

Authors

Ehsan Nowroozi Bahçeşehir Üniversitesi
Mohammadreza Mohammadi Università degli Studi di Padova
Erkay Savas Sabanci University
Yassine Mekdad Florida International University
M. Conti University of Padua, University of Washington, Cyber Security - EEMCS
Research Group
Cyber Security (EEMCS) (TU Delft)
Copyright: © 2023 Ehsan Nowroozi, Mohammadreza Mohammadi, Erkay Savas, Yassine Mekdad, M. Conti
DOI: https://doi.org/10.1109/TNSM.2023.3267831
Adversarial Machine Learning Cybersecurity Forensics Computer architecture Training Adversarial Examples Computer security Support vector machines Convolutional neural networks Adversarial Attacks Computer networks Counter-Forensics Deep-Learning Security Ensemble Classifiers Secure Classification
More Info
expand_more

Published Date

2023

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Faculty

Electrical Engineering, Mathematics and Computer Science

Department

Intelligent Systems

Research Group

Cyber Security

Abstract

In the past few years, Convolutional Neural Networks (CNN) have demonstrated promising performance in various real-world cybersecurity applications, such as network and multimedia security. However, the underlying fragility of CNN structures poses major security problems, making them inappropriate for use in security-oriented applications, including computer networks. Protecting these architectures from adversarial attacks necessitates using security-wise architectures that are challenging to attack. In this study, we present a novel architecture based on an ensemble classifier that combines the enhanced security of 1-Class classification (known as 1C) with the high performance of conventional 2-Class classification (known as 2C) in the absence of attacks. Our architecture is referred to as the 1.5-Class (cmb-classifier) classifier and is constructed using a final dense classifier, one 2C classifier (i.e., CNNs), and two parallel 1C classifiers (i.e., auto-encoders). In our experiments, we evaluated the robustness of our proposed architecture by considering eight possible adversarial attacks in various scenarios. We performed these attacks on the 2C and cmb-classifier architectures separately. The experimental results of our study showed that the Attack Success Rate (ASR) of the I-FGSM attack against a 2C classifier trained with the N-BaIoT dataset is 0.9900. In contrast, the ASR is 0.0000 for the cmb-classifier.