Analysis of neural network detectors for network attacks

Qingtian Zou, Lan Zhang, Anoop Singhal, Xiaoyan Sun, Peng Liu

Research output: Contribution to journalArticlepeer-review

Abstract

While network attacks play a critical role in many advanced persistent threat (APT) campaigns, an arms race exists between the network defenders and the adversary: to make APT campaigns stealthy, the adversary is strongly motivated to evade the detection system. However, new studies have shown that neural network is likely a game-changer in the arms race: neural network could be applied to achieve accurate, signature-free, and low-false-alarm-rate detection. In this work, we investigate whether the adversary could fight back during the next phase of the arms race. In particular, noticing that none of the existing adversarial example generation methods could generate malicious packets (and sessions) that can simultaneously compromise the target machine and evade the neural network detection model, we propose a novel attack method to achieve this goal. We have designed and implemented the new attack. We have also used Address Resolution Protocol (ARP) Poisoning and Domain Name System (DNS) Cache Poisoning as the case study to demonstrate the effectiveness of the proposed attack.

Original languageEnglish (US)
Pages (from-to)193-220
Number of pages28
JournalJournal of Computer Security
Volume32
Issue number3
DOIs
StatePublished - Jun 17 2024
Externally publishedYes

Keywords

  • adversarial example
  • Network attack
  • neural network

ASJC Scopus subject areas

  • Software
  • Safety, Risk, Reliability and Quality
  • Hardware and Architecture
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'Analysis of neural network detectors for network attacks'. Together they form a unique fingerprint.

Cite this