Abstract
In recent times, networks have been prone to several types of attacks, such as DDoS attacks, volumetric attacks, replay attacks, and eavesdropping, which drastically degrade the network's performance. Fortunately, programmable switches facilitate network monitoring, which helps to solve several security challenges in the network. Nowadays, programmable switches rely on Machine Learning (ML) models to identify intrusions and detect network attacks at line rate. However, these ML models are themselves prone to certain security risks, such as malicious inputs designed to achieve negative outcomes, evasion attacks on the system, and data poisoning attacks. This paper presents a novel framework using the P4 programming language to address these risks to ML models. Our proposed framework identifies the important features through feature analysis and generates perturbations to demonstrate the evasion-based adversarial attack that an attacker might perform to disrupt the behavior of the ML model deployed in data plane P4 switches. Further, we analyze the plausible impacts of such evasion-based adversarial attacks. Additionally, as part of our framework, we propose a mitigation technique aimed at reducing the impact of these evasion-based adversarial attacks. The results show that the model's classification rate under adversarial attack, when tested against the CICIDS and USB-IDS datasets, can drop significantly from 99.2% to as low as 50.14% and from 93.7% to as low as 65.1%, respectively, and increases by 17% and 12%, respectively, after the proposed mitigation technique is implemented in the data plane.
Cite this article
Reddy, S.S., Nishoak, K., Shreya, J.L. et al. A P4-Based Adversarial Attack Mitigation on Machine Learning Models in Data Plane Devices. J Netw Syst Manage 32, 5 (2024). https://doi.org/10.1007/s10922-023-09777-6
DOI: https://doi.org/10.1007/s10922-023-09777-6