In the past few years, Convolutional Neural Networks (CNNs) have demonstrated promising performance in various real-world cybersecurity applications, such as network and multimedia security. However, the underlying fragility of CNN structures poses major security problems, making them inappropriate for use in security-oriented applications such as computer networks. Protecting these architectures from adversarial attacks necessitates security-oriented architectures that are challenging to attack. In this study, we present a novel architecture based on an ensemble classifier that combines the enhanced security of 1-Class classification (known as 1C) with the high performance of conventional 2-Class classification (known as 2C) in the absence of attacks. Our architecture is referred to as the 1.5-Class (SPRITZ-1.5C) classifier and is constructed using a final dense classifier, one 2C classifier (i.e., CNNs), and two parallel 1C classifiers (i.e., auto-encoders). In our experiments, we evaluated the robustness of our proposed architecture by considering eight possible adversarial attacks in various scenarios. We performed these attacks on the 2C and SPRITZ-1.5C architectures separately. The experimental results of our study showed that the Attack Success Rate (ASR) of the I-FGSM attack against a 2C classifier trained with the N-BaIoT dataset is 0.9900. In contrast, the ASR is 0.0000 for the SPRITZ-1.5C classifier.