Skip to main content
SpringerLink
Log in

Automatically synthesizing DoS attack traces using generative adversarial networks

  • Original Article
  • Published:
International Journal of Machine Learning and Cybernetics Aims and scope Submit manuscript

Abstract

Artificial intelligence (AI) technology ruling people is still the scene in the science fiction film, but hackers using AI technology against existing security measures is an inescapable trend. Network intrusion detection systems (NIDS) based deep learning such as convolutional neural network (CNN) have reached a very high detection rate. But we propose DoS-WGAN, a common architecture that uses the Wasserstein generative adversarial networks (WGAN) with gradient penalty technology to evade network traffic Classifiers. To camouflage offensive denial of service (DoS) attack traffic as normal network traffic, DoS-WGAN automatically synthesizes attack traces that can defeat a existing NIDS/network security defense for DoS cases. Information entropy is used to measure the dispersing performance of generated DoS attack traffic. The generated DoS attack traffic is so similar to the normal traffic that detection algorithm cannot distinguish between them. When we input the generated DoS attack traffic to a NIDS based on CNN in our experiments, the detection rate drops to \(47.6\%\) from \(97.3\%\). To make the training more stable, we integrate the Standardized Euclidean distance and the information entropy to evaluate the training process. We believe that AI technology will play a particularly important role in the game of network attack and defense.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

References

  1. Arjovsky M, Bottou L (2017) Towards principled methods for training generative adversarial networks. arXiv preprint arXiv:170104862

  2. Arjovsky M, Chintala S, Bottou L (2017) Wasserstein GAN. arXiv preprint arXiv:170107875

  3. Bi J, Zhang K, Cheng X (2009) Intrusion detection based on RBF neural network. In: International symposium on information engineering and electronic commerce, IEEC’09. IEEE, New York, pp 357–360

  4. Biggio B, Corona I, Maiorca D, Nelson B, Šrndić N, Laskov P, Giacinto G, Roli F (2013) Evasion attacks against machine learning at test time. In: Joint European conference on machine learning and knowledge discovery in databases, vol 8190. Springer, Berlin, pp 387–402

    Chapter  Google Scholar 

  5. Bode MA, Oluwadare SA, Alese BK, Thompson FB (2015) Risk analysis in cyber situation awareness using Bayesian approach. In: 2015 international conference on cyber situational awareness, data analytics and assessment (CyberSA). IEEE, New York, pp 1–12

  6. Brain G (2015) Tensorflow. Open source software library. https://tensorflow.google.cn/. Accessed 24 Dec 2018

  7. Canbay Y, Sagiroglu S (2016) A hybrid method for intrusion detection. In: 2015 IEEE 14th international conference on machine learning and applications (ICMLA). IEEE, New York, pp 156–161

  8. Chauhan M, Pratap A, Sonika, Dixit A (2015) Designing a technique for detecting intrusion based on modified adaptive resonance theory network. In: 2015 international conference on green computing and internet of things (ICGCIoT). IEEE, New York, pp 448–451

  9. Chordia AS, Gupta S (2016) An effective model for anomaly ids to improve the efficiency. In: 2015 international conference on green computing and internet of things (ICGCIoT). IEEE, New York, pp 190–194

  10. Fu Y, Zhu Y, Yu H (2009) Study of neural network technologies in intrusion detection systems. In: 5th international conference on wireless communications, networking and mobile computing, WiCom’09. IEEE, New York, pp 4454–4457

  11. Goodfellow IJ, Pouget-Abadie J, Mirza M, Xu B, Warde-Farley D, Ozair S, Courville A, Bengio Y (2014) Generative adversarial nets. In: International conference on neural information processing systems, pp 2672–2680

  12. Gulrajani I, Ahmed F, Arjovsky M, Dumoulin V, Courville AC (2017) Improved training of Wasserstein GANs. In: Advances in neural information processing systems, pp 5767–5777

  13. Haykin S (1994) Neural networks: a comprehensive foundation. Prentice Hall PTR, London

  14. Hu W, Tan Y (2017) Generating adversarial malware examples for black-box attacks based on GAN. arXiv:1702.05983

  15. Jiang J, Zhang C, Kamel M (2003) RBF-based real-time hierarchical intrusion detection systems. In: 2003 proceedings of the international joint conference on neural networks, vol 2(2), pp 1512–1516

  16. Khosravi-Farmad M, Ramaki AA, Bafghi AG (2015) Risk-based intrusion response management in IDS using Bayesian decision networks. In: 2015 5th international conference on computer and knowledge engineering (ICCKE). IEEE, New York, pp 307–312

  17. Kingma D, Ba J (2014) Adam: a method for stochastic optimization. Comput Sci

  18. Kumar VD, Radhakrishnan S (2014) Intrusion detection in MANET using self organizing map (SOM). In: 2014 international conference on recent trends in information technology (ICRTIT). IEEE, New York, pp 1–8

  19. Padmadas M, Krishnan N, Kanchana J, Karthikeyan M (2014) Layered approach for intrusion detection systems based genetic algorithm. In: 2013 IEEE international conference on computational intelligence and computing research (ICCIC). IEEE, New York, pp 1–4

  20. Sahu S, Mehtre BM (2015) Network intrusion detection system using j48 decision tree. In: 2015 international conference on advances in computing, communications and informatics (ICACCI). IEEE, New York, pp 2023–2026

  21. Salimans T, Goodfellow I, Zaremba W, Cheung V, Radford A, Chen X (2016) Improved techniques for training GANs. In: Advances in neural information processing systems, pp 2234–2242

  22. Senthilnayaki B, Venkatalakshmi K, Kannan A (2015) Intrusion detection using optimal genetic feature selection and svm based classifier. In: 2015 3rd international conference on signal processing, communication and networking (ICSCN). IEEE, New York, pp 1–4

  23. Stolfo S, Lee W (1999) Kddcup 1999 dataset. The data set used for the third international knowledge discovery and data mining tools competition. http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html. Accessed 29 Mar 2018

  24. Teng L, Teng S, Tang F, Zhu H, Zhang W, Liu D, Liang L (2015) A collaborative and adaptive intrusion detection based on svms and decision trees. In: 2014 IEEE international conference on data mining workshop (ICDMW). IEEE, New York, pp 898–905

  25. Villani C (2009) Optimal transport: old and new. In: Grundlehren der mathematischen Wissenschaften. Springer, Berlin

  26. Vinayakumar R, Soman K, Poornachandran P (2017) Applying convolutional neural network for network intrusion detection. In: 2017 international conference on advances in computing, communications and informatics (ICACCI). IEEE, New York, pp 1222–1228

  27. Wahengbam M, Marchang N (2012) Intrusion detection in MANET using fuzzy logic. In: 2012 3rd national conference on emerging trends and applications in computer science (NCETACS). IEEE, New York, pp 189–192

  28. Xu W, Qi Y, Evans D (2016) Automatically evading classifiers: a case study on PDF malware classifiers. In: Proceedings of the 2016 network and distributed systems symposium. http://dx.doi.org/10.14722/ndss.2016.23115

  29. Yang Z, Karahoca A, Yang N, Aydin N (2008) Network intrusion detection by using cellular neural network with Tabu search. In: ECSIS symposium on bio-inspired learning and intelligent systems for security, BLISS’08. IEEE, New York, pp 64–68

  30. Zhang XY, Zeng HS, Jia L (2010) Research of intrusion detection system dataset-KDD CUP99. Comput Eng Des 31(22):4809–4805

  31. Zhu JY, Park T, Isola P, Efros AA (2017) Unpaired image-to-image translation using cycle-consistent adversarial networks. arXiv preprint arXiv:170310593

Download references

Acknowledgements

We thank the anonymous reviewers of this work for their helpful feedback. This research is supported in part by a grant from the National Natural Science Foundation of China (no. 61672358). This research is also supported in part by a grant from Basic Research Program of Shenzhen, China under its Suppress Distributed Denial of Service Attacks in IoT Program (no. JCYJ20170302154032530). All opinions expressed in this paper are solely those of the authors.

Author information

Authors and Affiliations

  1. College of Computer Science and Software Engineering, Shenzhen University, Shenzhen, China

    Qiao Yan, Mingde Wang, Wenyao Huang & Xupeng Luo

  2. College of Systems and Computer Engineering, Carleton University, Ottawa, ON, Canada

    F. Richard Yu

Authors
  1. Qiao Yan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mingde Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Wenyao Huang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Xupeng Luo
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. F. Richard Yu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Qiao Yan.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Yan, Q., Wang, M., Huang, W. et al. Automatically synthesizing DoS attack traces using generative adversarial networks. Int. J. Mach. Learn. & Cyber. 10, 3387–3396 (2019). https://doi.org/10.1007/s13042-019-00925-6

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s13042-019-00925-6

Keywords

Search

Navigation