Skip to main content
SpringerLink
Log in

A P4-Based Adversarial Attack Mitigation on Machine Learning Models in Data Plane Devices

  • Published:
Journal of Network and Systems Management Aims and scope Submit manuscript

Abstract

In recent times, networks have been prone to several types of attacks, such as DDoS attacks, volumetric attacks, replay attacks, eavesdropping, etc., which drastically degrade the network’s performance. Fortunately, programmable switches facilitate the network monitoring function that helps to solve several security challenges in the network. Nowadays, programmable switches rely on Machine Learning (ML) models to identify intrusions and detect network attacks at a line rate. However, the developed ML models are prone to certain security risks, such as malicious inputs designed to achieve negative outcomes, evasive attacks on the system, and data poisoning attacks. This paper presents a novel framework using the P4 programming language to overcome the above problem on the ML models. Our proposed framework identifies the important features after feature analysis and generates perturbations to showcase the evasion-based adversarial attack in the data plane switches, which an attacker might perform to disrupt the actual behavior of the deployed ML model at the data plane P4 switches. Further, we analyze the plausible impacts of such evasion-based adversarial attacks. Additionally, as part of our framework, we have also proposed a mitigation technique aimed at reducing the impact of these evasion-based adversarial attacks. The results show that the model’s classification rate, under adversarial attack when tested against CICIDS and USB-IDS Datasets, can significantly drop from 99.2% to as low as 50.14% and from 93.7% to as low as 65.1% respectively and increased by 17%,12% after the implementation of proposed mitigation technique in the data plane.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Algorithm 1
Fig. 3
Algorithm 2
Algorithm 3
Fig. 4
Algorithm 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

References

  1. Liatifis, A., Sarigiannidis, P., Argyriou, V., Lagkas, T.: Advancing SDN from openflow to P4: a survey. ACM Comput. Surv. 55(9), 1–37 (2023)

    Article  Google Scholar 

  2. Kuranage, M.P.J., Piamrat, K., Hamma, S.: Network traffic classification using machine learning for software defined networks. In: International Conference on Machine Learning for Networking, pp. 28–39. Springer, Cham (2020)

  3. Nougnanke, K.B.: Towards ML-based management of software-defined networks. PhD diss., Université Paul Sabatier-Toulouse III (2021)

  4. Kfoury, Elie F., Crichigno, Jorge, Bou-Harb, Elias: An exhaustive survey on P4 programmable data plane switches: taxonomy, applications, challenges, and future trends. IEEE Access 9, 87094–87155 (2021)

    Article  Google Scholar 

  5. Talukder, Md.A., Hasan, K.F., Islam, Md.M., Uddin, Md.A., Akhter, A., Yousuf, M.A., Alharbi, F., Moni, M.A.: A dependable hybrid machine learning model for network intrusion detection. J. Inf. Secur. Appl. 72, 103405 (2023)

    Google Scholar 

  6. Papernot, N., McDaniel, P., Sinha, A., Wellman, M.P.: Sok: security and privacy in machine learning. In: 2018 IEEE European Symposium on Security and Privacy (EuroS &P), pp. 399–414. IEEE (2018)

  7. Mohammad J.H., Cusack, G., Keller, E.: Towards evaluation of NIDSs in adversarial setting. In: Proceedings of the ACM CoNEXT Workshop Big Data, Machine Learning and Artificial Intelligence for Data Commununication Networks, pp. 14–21 (2019)

  8. Pitropakis, Nikolaos, Panaousis, Emmanouil, Giannetsos, Thanassis, Anastasiadis, Eleftherios, Loukas, George: A taxonomy and survey of attacks against machine learning. Comput. Sci. Rev. 34(2019), 100199 (2019)

    Article  MathSciNet  Google Scholar 

  9. Shilin, Q., Liu, Q., Zhou, S., Wu, C.: Review of artificial intelligence adversarial attack and defense technologies. MDPI Appl. Sci. 9(5), 909 (2019)

    Google Scholar 

  10. Giovanni, A., Colajanni, M., Ferretti, L., Marchetti, M.: Addressing adversarial attacks against security systems based on machine learning. In: Proceedings of the IEEE International Conference on Cyber Conflicts, pp. 1–18 (2019)

  11. De Lucia, M.J., Cotton, C.: Adversarial machine learning for cyber security. J. Inf. Syst. Appl. Res. 12(1), 26 (2019)

    Google Scholar 

  12. Olakunle, I., Abou-Khamis, R., Matrawy, A., Shafiq, M.O.: The threat of adversarial attacks on machine learning in network security—a survey (2019). arXiv:1911.02621

  13. Sadeghi, K., Banerjee, A., Gupta, S.K.S.: A system-driven taxonomy of attacks and defenses in adversarial machine learning. IEEE Trans. Emerg. Top. Comput. Intell. 2020, 1–18 (2020)

    Google Scholar 

  14. Martins, Nuno, Cruz, José Magalhães., Cruz, Tiago, Abreu, Pedro Henriques: Adversarial machine learning applied to intrusion and malware scenarios: a systematic review. IEEE Access 8(2020), 35403–35419 (2020)

    Article  Google Scholar 

  15. Kumar, R.S.S., Nystrom, M., Lambert, J., Marshall, A., Goertzel, M., Comissoneru, A., Swann, M., Xia, S.: Adversarial machine learning-industry perspectives. In: IEEE Security and Privacy Workshops (SPW’20), pp. 69–75. IEEE (2020)

  16. Ibitoye, O., Shehaby, M.E., Matrawy, A., Shafiq, M.O.: The threat of adversarial attacks on machine learning in network security—a survey (2019). arXiv:1911.02621

  17. Rosenberg, I., Shabtai, A., Elovici, Y., Rokach, L.: Adversarial machine learning attacks and defense methods in the cyber security domain. ACM Comput. Surv. 54(5), 1–36 (2021)

    Article  Google Scholar 

  18. Zhaoqi, X., Zilberman, N.: Do switches dream of machine learning? Toward in-network classification. In: 18th ACM Workshop on Hot Topics in Networks HotNets ’19. Association for Computing Machinery (2019)

  19. Bai, J., Zhang, M., Li, G., Liu, C., Xu, M., Hu, H.: FastFE: accelerating ML-based traffic analysis with programmable switches. In: Workshop on secure programmable network infrastructure (SPIN) (2020)

  20. Busse-Grawitz, C., Meier, R., Dietmüller, A., Bühler, T., Vanbever, L.: pforest: in-network inference with random forests (2019). arXiv:1909

  21. Busse-Grawitz, C., Meier, R., Dietmüller, A., Bühler, T., Vanbever, L.: pforest: in-network inference with random forests (2022). arXiv:1909.05680v2

  22. Zheng, C., Xiong, Z., Bui, T.T., Kaupmees, S., Bensoussane, R., Bernabeu, A., Vargaftik, S., Ben-Itzhak, Y., Zilberman, N.: IIsy: practical in-network classification (2022). arXiv:2205.08243

  23. Zheng, C., Zang, M., Hong, X., Bensoussane, R., Vargaftik, S., Ben-Itzhak, Y., Zilberman, N.: Automating in-network machine learning (2022). arXiv:2205.08824

  24. Guorui, X., Li, Q., Dong, Y., Duan, G., Jiang, Y., Duan, J.: Mousika: enable general in-network intelligence in programmable switches by knowledge distillation. In: IEEE INFOCOM 2022—IEEE Conference on Computer Communications, pp. 1938–1947 . IEEE Press (2022)

  25. Tanyi-Jong, A.A., Gucciardo, M., Fiore, M.: Flowrest: practical flow-level inference in programmable switches with random forests. In: IEEE International Conference on Computer Communications, Zenodo (2023)

  26. Lee, J.-H., Singh, K.: SwitchTree: in-network computing and traffic analyses with Random Forests. Neural Comput. Appl. 1–12(2020)

  27. Iman, S., Lashkari, A.H., Ghorbani, A.A..: Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: Proceedings of the Springer International Conference Information Systems Security and Privacy, pp. 108–116 (2018)

  28. Catillo, M., Del Vecchio, A., Ocone, L., Pecchia, A., Villano, U.: USB-IDS-1: a public multilayer dataset of labeled network flows for IDS evaluation. In: 2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W), pp. 1-6. IEEE (2021)

  29. Cramer, J.S.: The origins of logistic regression (December 2002). Tinbergen Institute Working Paper No. 2002-119/4

  30. Langley, P., Iba, W., Thomas, K.: An analysis of Bayesian classifiers. In: Proceedings of the Tenth National Conference of Artificial Intelligence, pp. 223–228. AAAI Press (1992)

  31. Breiman, L., Friedman, J., Olshen, R., Stone, C.: Classification and Regression Trees. Wadsworth, Belmont, CA (1984)

    Google Scholar 

  32. Breiman, L.: Random Forests. Mach. Learn. 45, 5–32 (2001)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, International Institute of Information Technology, Naya Raipur, Raipur, India

    Sankepally Sainath Reddy, Kosaraju Nishoak, J. L. Shreya, Yennam Vishwambhar Reddy & U. Venkanna

  2. Indian Institute of Information Technology, Design and Manufacturing, Kurnool, Kurnool, India

    Sankepally Sainath Reddy, Kosaraju Nishoak, J. L. Shreya, Yennam Vishwambhar Reddy & U. Venkanna

Authors
  1. Sankepally Sainath Reddy
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kosaraju Nishoak
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. J. L. Shreya
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yennam Vishwambhar Reddy
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. U. Venkanna
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to U. Venkanna.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Reddy, S.S., Nishoak, K., Shreya, J.L. et al. A P4-Based Adversarial Attack Mitigation on Machine Learning Models in Data Plane Devices. J Netw Syst Manage 32, 5 (2024). https://doi.org/10.1007/s10922-023-09777-6

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10922-023-09777-6

Keywords

Search

Navigation