Abstract
Machine learning algorithms have been widely leveraged in traffic classification tasks to overcome the challenges brought by the enormous encrypted traffic. On the contrary, ML-based classifiers introduce adversarial example attacks, which can fool the classifiers into giving wrong outputs with elaborately designed examples. Some adversarial attacks have been proposed to evaluate and improve the robustness of ML-based traffic classifiers. Unfortunately, it is impractical for these attacks to assume that the adversary can run the target classifiers locally (white-box). Even some GAN-based black-box attacks still require the target classifiers to act as discriminators. We fill the gap by proposing FAT (We use FAT rather than TAT to imporove readability.), a novel black-box adversarial traffic attack framework, which generates the transFerable Adversarial Traffic to evade ML-based encrypted traffic classifiers. The key novelty of FAT is two-fold: i) FAT does not assume that the adversary can obtain the target classifier. Specifically, FAT builds proxy classifiers to mimic the target classifiers and generates transferable adversarial traffic to misclassify the target classifiers. ii) FAT makes adversarial traffic attacks more practical by translating adversarial features into traffic. We use two datasets, CICIDS-2017 and MTA, to evaluate the effectiveness of FAT against seven common ML-based classifiers. The experimental results show that FAT achieves an average evasion detection rate (EDR) of 86.7%, which is higher than the state-of-the-art black-box attack by 34.4%.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
The 77-dimensional feature list extracted by CICFlowMeter can be obtained from https://github.com/ahlashkari/CICFlowMeter.
References
Tahaei, H., Afifi, F., Asemi, A., Zaki, F., Anuar, N. B.: The rise of traffic classification in IoT networks: a survey. J. Netw. Comput. Appl. 154, 102538 (2020)
Google Transparency Report. https://transparencyreport.google.com/https/overview. Accessed 20 Mar 2022
Papadogiannaki, E., Ioannidis, S.: A survey on encrypted network traffic analysis applications, techniques, and countermeasures. ACM Comput. Surv. (CSUR) 54(6), 1–35 (2021)
Wang, P., Lin, S. C., Luo, M.: A framework for QoS-aware traffic classification using semi-supervised machine learning in SDNs. In: 2016 IEEE International Conference on Services Computing (SCC), pp. 760–765. IEEE (2016)
Chen, Y., Zang, T., Zhang, Y., Zhou, Y. Wang, Y.: Rethinking encrypted traffic classification: a multi-attribute associated fingerprint approach. In: 2019 IEEE 27th International Conference on Network Protocols (ICNP), pp. 1–11. IEEE (2019)
Wang, Z., Fok, K.W., Thing, V.L.: Machine learning for encrypted malicious traffic detection: approaches, datasets and comparative study. Comput. Secur. 113, 102542 (2022)
Szegedy, C., et al.: Intriguing properties of neural networks. arXiv preprint arXiv:1312.6199 (2013)
Goodfellow, I.J., Shlens, J., Szegedy, C.: Explaining and harnessing adversarial examples. arXiv preprint arXiv:1412.6572 (2014)
Carlini, N., Wagner, D.: Towards evaluating the robustness of neural networks. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 39–57. IEEE (2017)
Lin, Z., Shi, Y., Xue, Z.: IdsGAN: generative adversarial networks for attack generation against intrusion detection. arXiv preprint arXiv:1809.02077 (2018)
Hashemi, M.J., Cusack, G., Keller, E.: Towards evaluation of NIDSS in adversarial setting. In: Proceedings of the 3rd ACM CoNEXT Workshop on Big DAta, Machine Learning and Artificial Intelligence for Data Communication Networks, pp. 14–21 (2019)
Han, D., et al.: Evaluating and improving adversarial robustness of machine learning-based network intrusion detectors. IEEE J. Sel. Areas Commun. 39(8), 2632–2647 (2021)
Goodfellow, I., et al.: Generative adversarial nets. In: Advances in Neural Information Processing Systems, vol. 27 (2014)
Sun, G.L., Xue, Y., Dong, Y., Wang, D., Li, C.: An novel hybrid method for effectively classifying encrypted traffic. In: 2010 IEEE Global Telecommunications Conference GLOBECOM 2010, pp. 1–5. IEEE (2010)
Liu, H., Wang, Z., Wang, Y.: Semi-supervised encrypted traffic classification using composite features set. J. Netw. 7(8), 1195 (2012)
Liu, C., He, L., Xiong, G., Cao, Z., Li, Z.: Fs-net: a flow sequence network for encrypted traffic classification. In: IEEE INFOCOM 2019-IEEE Conference on Computer Communications, pp. 1171–1179. IEEE (2019)
Stinson, E., Mitchell, J.C.: Towards systematic evaluation of the evadability of bot/botnet detection methods. WOOT 8, 1–9 (2008)
Novo, C., Morla, R.: Flow-based detection and proxy-based evasion of encrypted malware c2 traffic. In Proceedings of the 13th ACM Workshop on Artificial Intelligence and Security, pp. 83–91 (2020)
Managed Threat Detection. https://www.huaweicloud.com/product/mtd.html. Accessed 11 Aug 2022
Amazon GuardDuty. https://aws.amazon.com/cn/guardduty/. Accessed 11 Aug 2022
Davis, J.J., Clark, A.J.: Data preprocessing for anomaly based network intrusion detection: a review. Comput. Secur. 30(6–7), 353–375 (2011)
Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. ICISSp 1, 108–116 (2018)
Malware Traffic Analysis. https://malware-traffic-analysis.net/. Accessed 20 Mar 2022
SSL Blacklist Project. https://sslbl.abuse.ch/. Accessed 20 Mar 2022
Zhu, X., Sobihani, P., Guo, H.: Long short-term memory over recursive structures. In: International Conference on Machine Learning, pp. 1604–1612 (2015)
Acknowledgements
We thank the anonymous reviewers for their insightful comments. This work was supported by the National Key Research and Development Program of China (No. 2019YFB1005201, No. 2019YFB1005203 and No. 2019YFB1005205).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Sun, H., Peng, C., Sang, Y., Li, S., Zhang, Y., Zhu, Y. (2022). Evading Encrypted Traffic Classifiers by Transferable Adversarial Traffic. In: Gao, H., Wang, X., Wei, W., Dagiuklas, T. (eds) Collaborative Computing: Networking, Applications and Worksharing. CollaborateCom 2022. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 461. Springer, Cham. https://doi.org/10.1007/978-3-031-24386-8_9
Download citation
DOI: https://doi.org/10.1007/978-3-031-24386-8_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-24385-1
Online ISBN: 978-3-031-24386-8
eBook Packages: Computer ScienceComputer Science (R0)