SRI: A Simple Rule Induction Method for improving resiliency of DNN based IDS against adversarial and zero-day attacks

SRI: A Simple Rule Induction Method for improving resiliency of DNN based IDS against adversarial and zero-day attacks

연구 분야: Strategies

학회: CPSS '24: Proceedings of the 10th ACM Cyber-Physical System Security Workshop

Adversarial machine learning (ML) has demonstrated vulnerabilities of neural network methods against well-crafted perturbations when added to perfectly acceptable samples. These vulnerabilities get exacerbated when neural network methods are deployed as anomaly or intrusion detectors in cyber-physical systems (CPS). Due to this, mounting of zero-day attacks became much easier against neural network-based intrusion detection systems (IDS) as adversarial samples are similar to zero-day attack vectors. To alleviate some of these problems of neural network (NN) based IDSs, we propose a new rule induction method, known as simple rule induction (SRI), for classification. SRI is capable of extracting control logic in the form of threshold-based rules from CPS's historical operational data. Later, control logic was utilized to generate adversarial samples that could evade detection by a baseline neural network-based IDS. To improve the NN-based detector's resiliency against such adversarial attacks, we retrain the detectors with previously generated adversarial samples. In a specific case, retraining has improved accuracy against adversarial samples from 9% to 99%, as demonstrated by our experiments. Moreover, it was found in our experiments that adversarial training is able to improve the F1_Score of zero day attack detection method from 0.06 to 0.53.