Security Evaluation of Support Vector Machines in Adversarial Environments

Support Vector Machines (SVMs) are among the most popular classification techniques adopted in security applications like malware detection, intrusion detection, and spam filtering. However, if SVMs are to be incorporated in real-world security systems, they must be able to cope with attack patterns that can either mislead the learning algorithm (poisoning), evade detection (evasion), or gain information about their internal parameters (privacy breaches). The main contributions of this chapter are twofold. First, we introduce a formal general framework for the empirical evaluation of the security of machine-learning systems. Second, according to our framework, we demonstrate the feasibility of evasion, poisoning and privacy attacks against SVMs in real-world security problems. For each attack technique, we evaluate its impact and discuss whether (and how) it can be countered through an adversary-aware design of SVMs. Our experiments are easily reproducible thanks to open-source code that we have made available, together with all the employed datasets, on a public repository.Comment: 47 pages, 9 figures; chapter accepted into book 'Support Vector Machine Applications

Performance Metrics for Network Intrusion Systems

Intrusion systems have been the subject of considerable research during the past 33 years, since the original work of Anderson. Much has been published attempting to improve their performance using advanced data processing techniques including neural nets, statistical pattern recognition and genetic algorithms. Whilst some significant improvements have been achieved they are often the result of assumptions that are difficult to justify and comparing performance between different research groups is difficult. The thesis develops a new approach to defining performance focussed on comparing intrusion systems and technologies. A new taxonomy is proposed in which the type of output and the data scale over which an intrusion system operates is used for classification. The inconsistencies and inadequacies of existing definitions of detection are examined and five new intrusion levels are proposed from analogy with other detection-based technologies. These levels are known as detection, recognition, identification, confirmation and prosecution, each representing an increase in the information output from, and functionality of, the intrusion system. These levels are contrasted over four physical data scales, from application/host through to enterprise networks, introducing and developing the concept of a footprint as a pictorial representation of the scope of an intrusion system. An intrusion is now defined as “an activity that leads to the violation of the security policy of a computer system”. Five different intrusion technologies are illustrated using the footprint with current challenges also shown to stimulate further research. Integrity in the presence of mixed trust data streams at the highest intrusion level is identified as particularly challenging. Two metrics new to intrusion systems are defined to quantify performance and further aid comparison. Sensitivity is introduced to define basic detectability of an attack in terms of a single parameter, rather than the usual four currently in use. Selectivity is used to describe the ability of an intrusion system to discriminate between attack types. These metrics are quantified experimentally for network intrusion using the DARPA 1999 dataset and SNORT. Only nine of the 58 attack types present were detected with sensitivities in excess of 12dB indicating that detection performance of the attack types present in this dataset remains a challenge. The measured selectivity was also poor indicting that only three of the attack types could be confidently distinguished. The highest value of selectivity was 3.52, significantly lower than the theoretical limit of 5.83 for the evaluated system. Options for improving selectivity and sensitivity through additional measurements are examined.Stochastic Systems Lt

Wild Patterns: Ten Years After the Rise of Adversarial Machine Learning

Learning-based pattern classifiers, including deep networks, have shown impressive performance in several application domains, ranging from computer vision to cybersecurity. However, it has also been shown that adversarial input perturbations carefully crafted either at training or at test time can easily subvert their predictions. The vulnerability of machine learning to such wild patterns (also referred to as adversarial examples), along with the design of suitable countermeasures, have been investigated in the research field of adversarial machine learning. In this work, we provide a thorough overview of the evolution of this research area over the last ten years and beyond, starting from pioneering, earlier work on the security of non-deep learning algorithms up to more recent work aimed to understand the security properties of deep learning algorithms, in the context of computer vision and cybersecurity tasks. We report interesting connections between these apparently-different lines of work, highlighting common misconceptions related to the security evaluation of machine-learning algorithms. We review the main threat models and attacks defined to this end, and discuss the main limitations of current work, along with the corresponding future challenges towards the design of more secure learning algorithms.Comment: Accepted for publication on Pattern Recognition, 201

Intrusion detection by machine learning = Behatolás detektálás gépi tanulás által

Since the early days of information technology, there have been many stakeholders who used the technological capabilities for their own benefit, be it legal operations, or illegal access to computational assets and sensitive information. Every year, businesses invest large amounts of effort into upgrading their IT infrastructure, yet, even today, they are unprepared to protect their most valuable assets: data and knowledge. This lack of protection was the main reason for the creation of this dissertation. During this study, intrusion detection, a field of information security, is evaluated through the use of several machine learning models performing signature and hybrid detection. This is a challenging field, mainly due to the high velocity and imbalanced nature of network traffic. To construct machine learning models capable of intrusion detection, the applied methodologies were the CRISP-DM process model designed to help data scientists with the planning, creation and integration of machine learning models into a business information infrastructure, and design science research interested in answering research questions with information technology artefacts. The two methodologies have a lot in common, which is further elaborated in the study. The goals of this dissertation were two-fold: first, to create an intrusion detector that could provide a high level of intrusion detection performance measured using accuracy and recall and second, to identify potential techniques that can increase intrusion detection performance. Out of the designed models, a hybrid autoencoder + stacking neural network model managed to achieve detection performance comparable to the best models that appeared in the related literature, with good detections on minority classes. To achieve this result, the techniques identified were synthetic sampling, advanced hyperparameter optimization, model ensembles and autoencoder networks. In addition, the dissertation set up a soft hierarchy among the different detection techniques in terms of performance and provides a brief outlook on potential future practical applications of network intrusion detection models as well

The Rise of Crypto Malware: Leveraging Machine Learning Techniques to Understand the Evolution, Impact, and Detection of Cryptocurrency-Related Threats

Crypto malware has become a major threat to the security of cryptocurrency holders and exchanges. As the popularity of cryptocurrency continues to rise, so too does the number and sophistication of crypto malware attacks. This paper leverages machine learning techniques to understand the evolution, impact, and detection of cryptocurrency-related threats. We analyse the different types of crypto malware, including ransomware, crypto jacking, and supply chain attacks, and explore the use of machine learning algorithms for detecting and preventing these threats. Our research highlights the importance of using machine learning for detecting crypto malware and compares the effectiveness of traditional methods with deep learning techniques. Through this analysis, we aim to provide insights into the growing threat of crypto malware and the potential benefits of using machine learning in combating these attacks

Cyber Crime Detection and Prevention Techniques on Cyber Cased Objects Using SVM and Smote

Conventional cybersecurity employs crime prevention mechanisms over distributed networks. This demands crime event management at the network level where Detection and Prevention of cybercrimes is a must. A new Framework IDSEM has been introduced in this paper to handle the contemporary heterogeneous objects in cloud environment. This may aid for deployment of analytical tools over the network. A supervised machine learning algorithm like SVM has been implemented to support IDSEM. A machine learning technique Like SMOTE has been implemented to handle imbalanced classification of the sample data. This approach addresses imbalanced datasets by oversampling the minority classes. This will help to solve Social Engineering Attacks (SEA) like Phishing and Vishing. Classification mechanisms like decision trees and probability functions are used in this context. The IDSEM framework could minimize traffic across the cloud network and detect cybercrimes maximally. When results were compared with existing approaches, the results were found to be good, leading to the development of a unique SMOTE algorithm

Investigating the effectiveness of novel support vector neural network for anomaly detection in digital forensics data

As criminal activity increasingly relies on digital devices, the field of digital forensics plays a vital role in identifying and investigating criminals. In this paper, we addressed the problem of anomaly detection in digital forensics data. Our objective was to propose an effective approach for identifying suspicious patterns and activities that could indicate criminal behavior. To achieve this, we introduce a novel method called the Novel Support Vector Neural Network (NSVNN). We evaluated the performance of the NSVNN by conducting experiments on a real-world dataset of digital forensics data. The dataset consisted of various features related to network activity, system logs, and file metadata. Through our experiments, we compared the NSVNN with several existing anomaly detection algorithms, including Support Vector Machines (SVM) and neural networks. We measured and analyzed the performance of each algorithm in terms of the accuracy, precision, recall, and F1-score. Furthermore, we provide insights into the specific features that contribute significantly to the detection of anomalies. Our results demonstrated that the NSVNN method outperformed the existing algorithms in terms of anomaly detection accuracy. We also highlight the interpretability of the NSVNN model by analyzing the feature importance and providing insights into the decision-making process. Overall, our research contributes to the field of digital forensics by proposing a novel approach, the NSVNN, for anomaly detection. We emphasize the importance of both performance evaluation and model interpretability in this context, providing practical insights for identifying criminal behavior in digital forensics investigations. © 2023 by the authors