Authors: Mihaylova, D. A.
Title: Adversarial Machine Learning Attacks Against Network Intrusion Detection Systems: Classification Analysis
Keywords: Adversarial Machine Learning, Evasion attack, Network Intrusion Detection Systems, Poisoning attack

Abstract: In recent years much research has been focused on the improvement of Network-based Intrusion Detection Systems (NIDS) through the implementation of Machine Learning (ML) approaches. However, together with the numerous assets and promising results from the use of this emerging technology in traditional security systems, novel vulnerabilities arise from the inherent nature of the incorporated ML models. In this paper one such security violation, namely the Adversarial Machine Learning (AML) attack, is studied. While on the one hand ML can be used to improve the security of the system, conversely it can also be exploited by an adversary, who can benefit from existing ML models to develop more refined attacks in a reduced time and with greater impact. An AML attack is an ML-driven intervention that contaminates the original data for training or testing the ML model of the NIDS, and results in degradation of the performance of the security system. This paper explores the nature of AML attacks and presents a classification analysis of their main types.

Issue

60th International Scientific Conference on Information, Communication and Energy Systems and Technologies, ICEST 2025 - Proceedings, 2025, Macedonia, https://doi.org/10.1109/ICEST66328.2025.11098254

Type: publication in an international forum, publication in a refereed publication, indexed in Scopus