Cite this article
  • He Yuan Kang, Ma Hai Long, Jiang Yi Ming, Yin Zi Nuo, Qu Yan Ze, Bu You Jun, Zhang Jin. A view of Adversarial attack and defence In Network Intrusion Detection[J]. Journal of Cyber Security, Accepted
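A Survey of Adversarial Example Attacks and Defenses for Intrusion Detection Models
He Yuan Kang1, Ma Hai Long1, Jiang Yi Ming1, Yin Zi Nuo1, Qu Yan Ze1, Bu You Jun1, Zhang Jin2
(1. PLA Strategic Support Force Information Engineering University; 2. Purple Mountain Laboratories)
Abstract:
With the development of artificial intelligence, intrusion detection combined with deep learning has improved considerably over traditional statistics-based methods in areas such as feature extraction and the detection of unknown network threats, solving the problem that traditional intrusion detection is insensitive to unknown threats. However, as research on anomalous traffic detection has deepened, researchers have found that deep-learning-based anomalous traffic detection also faces adversarial example attacks, in which slight perturbations to the input cause the model to predict incorrectly. Adversarial example attacks in the traffic detection field are technically demanding, and the adversarial examples must also preserve usability and maliciousness, so both adversarial attack and defense are more difficult. Existing adversarial example attacks concentrate on the image, speech and text domains, while related research in traffic identification is relatively scattered and small in number. To describe the adversarial example problem in traffic detection systematically, the attack methods are summarized and divided, according to how the adversarial examples are generated, into image-mediated generation and traffic-perturbation-based generation; next, attack and defense methods are categorized by the stage of the artificial intelligence recognition model on which they act, and the characteristics and effectiveness of existing attack and defense methods are compared; finally, the current shortcomings of both attackers and defenders are summarized and, building on existing research, prospects for the future development of both sides in this direction are presented.
Keywords:  intrusion detection  adversarial example attack  artificial intelligence  traffic identification
DOI:
Submitted: 2023-06-12    Revised: 2023-09-11
Funding: National Natural Science Foundation of China (No. 62176264)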
A view of Adversarial attack and defence In Network Intrusion Detection
He Yuan Kang1, Ma Hai Long1, Jiang Yi Ming1, Yin Zi Nuo1, Qu Yan Ze1, Bu You Jun1, Zhang Jin2
(1. PLA Strategic Support Force Information Engineering University; 2. Purple Mountain Laboratories)
Abstract:
With the development of artificial intelligence technology, intrusion detection techniques combined with deep learning methods have greatly improved over traditional statistics-based methods in many aspects, such as feature extraction and the detection of unknown network threats, which solves the problem that traditional intrusion detection systems are not sensitive to threats that have not been detected before. However, with the continued study of abnormal traffic detection, researchers have found that malicious traffic detection based on deep learning also faces the threat of adversarial example attacks, which slightly perturb the input and lead the model to a wrong prediction. At present, adversarial example attacks in the field of traffic detection are technically more difficult, and an adversarial traffic example must also preserve availability and maliciousness, so it is more difficult both to mount adversarial attacks and to defend against them than in other fields.
Most adversarial example attacks focus on image, voice and text detection, while related research on adversarial example attacks in the field of traffic identification is relatively scattered and smaller in number. To explain the adversarial example problem in traffic detection systematically, the attack methods are summarized and divided, according to how the examples are generated, into image-based adversarial example generation and traffic-perturbation-based adversarial example generation. Secondly, attack and defense methods are sorted according to the stage of the artificial intelligence identification model on which they act, and the characteristics and effects of the attack and defense methods used in existing research are summarized. Finally, the deficiencies of both sides at the present stage are summarized and, on the basis of existing research, prospects for the future development of both sides in this direction are put forward.
Key words:  intrusion detection  adversarial attacks  artificial intelligence  traffic identification