Sophon IDS: Mitigating the Effectiveness of GAN-based Attacks via Tailored Misinformation
Abstract
In the realm of safeguarding real networks against malicious activities, Intrusion Detection System (IDS) assumes a critical role. Despite the advancements brought about by machine learning and deep learning in enhancing its performance, IDS is still vulnerable to adversarial samples stemming from Generative Adversarial Network (GAN). IDSGAN is one of the most effective attacking schemes that are based on GAN. In this thesis, we propose a novel anti-IDSGAN method, Sophon IDS (S-IDS), which transmits deceptive information to IDSGAN-based attackers in order to disrupt their training process, ultimately mitigating the effectiveness of IDSGAN-based attacks. Technically, the deceptive information is generated by flipping the benign/malicious labels of network flows. In our research, we compared the performance of a series of label-flipping strategies. Our experimental results indicate that the 'DVT-U-01' strategy leads to the highest detection rate for IDSGAN-based network flows. In addition, we found that RNN-based S-IDS outperforms LR-based and MLP-based S-IDS.