In recent years machine learning algorithms, and more specifically deep learning algorithms, have been widely used in many fields, including cyber security. However, machine learning systems are vulnerable to adversarial attacks, and this limits the application of machine learning, especially in non-stationary, adversarial environments, such as the cyber security domain, where actual adversaries (e.g., malware developers) exist. This paper comprehensively summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques and illuminates the risks they pose. First, the adversarial attack methods are characterized based on their stage of occurrence, and the attacker's goals and capabilities. Then, we categorize the applications of adversarial attack and defense methods in the cyber security domain. Finally, we highlight some characteristics identified in recent research and discuss the impact of recent advancements in other adversarial learning domains on future research directions in the cyber security domain. This paper is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain, map them in a unified taxonomy, and use the taxonomy to highlight future research directions.