Deep Neural Network Based Malicious Network Activity Detection Under Adversarial Machine Learning Attacks

Abstract

Machine learning-based computational intelligence methods are used more often recently in the cybersecurity area, especially for malicious network activity detection. ML based solutions have been used and discussed by a significant number of authors in literature. Several methods, including deep learning, are used to develop models for solving this issue. So far, attackers try to generate malicious activities in a network to put down several system services or steal some information from the databases. More recent designs of security components use predictive modeling approach to detect such kind of attacks. Thus, the new target for the attackers is machine learning algorithm itself. Previous studies in cybersecurity have almost exclusively focused on attack detection in a network. Another promising line of attack detection research would be machine learning algorithm protection. There are some attacks against deep learning models in the literature, including fast-gradient sign method (FGSM) attack. This attack is the purest form of the gradient-based evading technique that is used by attackers to evade the classification model. This paper presents a new approach to protect a malicious activity detection model from the FGSM attack. Hence, we explore the power of applying adversarial training to build a robust model against FGSM attacks. Accordingly, (1) dataset enhanced with the adversarial examples; (2) deep neural network-based detection model is trained using the KDDCUP99 dataset to learn the FGSM based attack patterns. We applied this training model to the benchmark cyber security dataset.