ML-based Network Intrusion Detection Systems: Resilience threats and a mitigation approach

Overview

Abstract

With the ever-increasing amount of cyberthreats out there, securing IT and OT infrastructures against these threats has become not only desirable, but fundamental. Network Intrusion Detection Systems (NIDS) are key assets for system protection, providing early alerts of network attacks. An important class of NIDS are those based on ML techniques, around which a substantial amount of research is being done these days. Unfortunately, being ML-based, these NIDS can be targeted by adversarial evasion attacks (AEA), which malicious parties try to exploit to perform network attacks without being detected.

In this talk we present some of the work being done in a partnership between FCUL (Portugal) and PUCPR (Brazil) to address this problem. We start by looking at the potential attack surface, to understand how AEAs may be carried out and to what extent they are feasible in practice. Then we look at the severity of different kinds of attacks, namely comparing attacks requiring access to the NIDS pipeline (white-box) to attacks performed only by modifying network traffic (black-box). Both the knowledge gained on the exploitability of attacks and their potential impact on NIDS performance are important for risk analysis. Finally, we describe an approach based on the use of diversity, currently under development, that is meant to improve NIDS resilience by defending it against these attacks.

Brief Biography

António Casimiro is an Associate Professor at the Department of Informatics of the University of Lisboa Faculty of Sciences (FCUL), where he joined in 1996. He is a member of the LASIGE research laboratory, where he leads the research line on Cyber-Physical Systems. He is currently involved in the VEDLIoT (H2020) and ADMORPH (H2020) projects and coordinating the AQUAMON (FCT) project. His research has been focusing on safety, security and adaptation aspects of distributed and real-time embedded systems, with applications to cyber-physical systems like autonomous and cooperative vehicles or monitoring and control systems in critical infrastructures. He served as Program Chair and organizer of AEiC 2023, SAFECOMP 2020, Ada-Europe 2018 and was Program Co-Chair of SRDS 2014. He has been serving in the program committees of several conferences in his areas of research, such as DSN, SRDS and SAFECOMP. He coordinates the FCUL's Master in Information Security. He is a member of the IFIP WG10.4 on Dependable Computing and Fault Tolerance, of the Ada-Europe Board, of EWICS TC7, of IEEE, of ACM, and of Ordem dos Engenheiros.

Presenters

António Casimiro is an Associate Professor at the Department of Informatics of the University of Lisboa Faculty of Sciences (FCUL)