1 research outputs found
Adversarial Network Traffic: Towards Evaluating the Robustness of Deep Learning-Based Network Traffic Classification
Network traffic classification is used in various applications such as
network traffic management, policy enforcement, and intrusion detection
systems. Although most applications encrypt their network traffic and some of
them dynamically change their port numbers, Machine Learning (ML) and
especially Deep Learning (DL)-based classifiers have shown impressive
performance in network traffic classification. In this paper, we evaluate the
robustness of DL-based network traffic classifiers against Adversarial Network
Traffic (ANT). ANT causes DL-based network traffic classifiers to predict
incorrectly using Universal Adversarial Perturbation (UAP) generating methods.
Since there is no need to buffer network traffic before sending ANT, it is
generated live. We partition the input space of the DL-based network traffic
classification into three categories: packet classification, flow content
classification, and flow time series classification. To generate ANT, we
propose three new attacks injecting UAP into network traffic. AdvPad attack
injects a UAP into the content of packets to evaluate the robustness of packet
classifiers. AdvPay attack injects a UAP into the payload of a dummy packet to
evaluate the robustness of flow content classifiers. AdvBurst attack injects a
specific number of dummy packets with crafted statistical features based on a
UAP into a selected burst of a flow to evaluate the robustness of flow time
series classifiers. The results indicate injecting a little UAP into network
traffic, highly decreases the performance of DL-based network traffic
classifiers in all categories.Comment: 14 pages, 3 figures, and 7 tables. Accepted in IEEE Transactions on
Network and Service Management (TNSM). Supplementary Material:
https://github.com/amsadeghzadeh/AdversarialNetworkTraffi