Enhancing network intrusion detection systems: A real-time adaptive machine learning approach for adversarial packet-mutation mitigation

MD Mehedi Hasan; Rafiqul Islam; Quazi Mamun; Md Zahidul Islam; Junbin Gao

doi:10.1109/NCA61908.2024.00042

Enhancing network intrusion detection systems: A real-time adaptive machine learning approach for adversarial packet-mutation mitigation

Computing, Mathematics and Engineering

The University of Sydney

Research output: Book chapter/Published conference paper › Conference paper › peer-review

2 Citations (Scopus)

Abstract

Network Intrusion Detection Systems (NIDS) are increasingly vulnerable to sophisticated packet-mutation attacks that evade traditional detection methods. This paper presents a runtime adaptive machine-learning strategy to combat such adversarial attacks. We introduce an Adaptive Layered Mutation Algorithm (ALMA) for generating advanced adversarial examples and a runtime adaptive learning framework for realtime detection and response. Our approach integrates these components to create a robust, self-evolving NIDS. Experiments comparing various feature extractors and machine learning classifiers demonstrate that our adaptive approach achieves up to 98% detection accuracy, significantly improving the identification of mutated packets over static models. The integrated system rapidly adapts to new attack patterns, achieving over 90% detection accuracy for novel attacks within 2-3 update cycles. This research contributes to network security by presenting an adaptive, high-performance approach to intrusion detection that effectively addresses challenges posed by evolving packet-mutation attacks, offering promising directions for nextgeneration NIDS development.

Original language	English
Title of host publication	Proceedings, 2024 22nd International Symposium on Network Computing and Applications
Subtitle of host publication	NCA 2024
Editors	Joann Wu
Place of Publication	Piscataway, NJ
Publisher	IEEE
Pages	227-235
Number of pages	9
ISBN (Electronic)	9798331510183
DOIs	https://doi.org/10.1109/NCA61908.2024.00042
Publication status	Published - 2024
Event	The 22nd International Symposium on Network Computing and Applications 2024: NCA 2024 - Residential Center in Bertinoro, Bertinoro, Italy Duration: 24 Oct 2024 → 26 Oct 2024 https://www.nca-ieee.org/2024/index.html https://www.nca-ieee.org/2024/conference_program.html (Program) https://www.nca-ieee.org/2024/call_for_papers.html (Call for papers) https://doi.org/10.1109/NCA65406.2024 (Proceedings)

Publication series

Name	Proceedings - 2024 22nd International Symposium on Network Computing and Applications, NCA 2024

Conference

Conference	The 22nd International Symposium on Network Computing and Applications 2024
Country/Territory	Italy
City	Bertinoro
Period	24/10/24 → 26/10/24
Other	NCA is a successful series of conferences that serves as a large international forum for presenting and sharing recent research results and technological developments in the fields of Network and Cloud Computing. NCA, sponsored by the PE7 SERICS project, reaches out to both researchers and practitioners, and to both academia and industry.
Internet address	https://www.nca-ieee.org/2024/index.html https://www.nca-ieee.org/2024/conference_program.html (Program) https://www.nca-ieee.org/2024/call_for_papers.html (Call for papers) https://doi.org/10.1109/NCA65406.2024 (Proceedings)

Access to Document

10.1109/NCA61908.2024.00042

Cite this

Hasan, MD. M., Islam, R., Mamun, Q., Islam, M. Z., & Gao, J. (2024). Enhancing network intrusion detection systems: A real-time adaptive machine learning approach for adversarial packet-mutation mitigation. In J. Wu (Ed.), Proceedings, 2024 22nd International Symposium on Network Computing and Applications: NCA 2024 (pp. 227-235). Article 10945279 (Proceedings - 2024 22nd International Symposium on Network Computing and Applications, NCA 2024). IEEE. https://doi.org/10.1109/NCA61908.2024.00042

Hasan, MD Mehedi ; Islam, Rafiqul ; Mamun, Quazi et al. / Enhancing network intrusion detection systems : A real-time adaptive machine learning approach for adversarial packet-mutation mitigation. Proceedings, 2024 22nd International Symposium on Network Computing and Applications: NCA 2024. editor / Joann Wu. Piscataway, NJ : IEEE, 2024. pp. 227-235 (Proceedings - 2024 22nd International Symposium on Network Computing and Applications, NCA 2024).

@inproceedings{9a6d7a88de984b73a38c9192191200fe,

title = "Enhancing network intrusion detection systems: A real-time adaptive machine learning approach for adversarial packet-mutation mitigation",

abstract = "Network Intrusion Detection Systems (NIDS) are increasingly vulnerable to sophisticated packet-mutation attacks that evade traditional detection methods. This paper presents a runtime adaptive machine-learning strategy to combat such adversarial attacks. We introduce an Adaptive Layered Mutation Algorithm (ALMA) for generating advanced adversarial examples and a runtime adaptive learning framework for realtime detection and response. Our approach integrates these components to create a robust, self-evolving NIDS. Experiments comparing various feature extractors and machine learning classifiers demonstrate that our adaptive approach achieves up to 98\% detection accuracy, significantly improving the identification of mutated packets over static models. The integrated system rapidly adapts to new attack patterns, achieving over 90\% detection accuracy for novel attacks within 2-3 update cycles. This research contributes to network security by presenting an adaptive, high-performance approach to intrusion detection that effectively addresses challenges posed by evolving packet-mutation attacks, offering promising directions for nextgeneration NIDS development.",

keywords = "Adversarial Packet-Mutation, Cybersecurity, Feature Extraction, NIDS, Runtime Adaptive Machine Learning",

author = "Hasan, \{MD Mehedi\} and Rafiqul Islam and Quazi Mamun and Islam, \{Md Zahidul\} and Junbin Gao",

note = "Publisher Copyright: {\textcopyright}2024 IEEE.; The 22nd International Symposium on Network Computing and Applications 2024 : NCA 2024 ; Conference date: 24-10-2024 Through 26-10-2024",

year = "2024",

doi = "10.1109/NCA61908.2024.00042",

language = "English",

series = "Proceedings - 2024 22nd International Symposium on Network Computing and Applications, NCA 2024",

publisher = "IEEE",

pages = "227--235",

editor = "Joann Wu",

booktitle = "Proceedings, 2024 22nd International Symposium on Network Computing and Applications",

address = "United States",

url = "https://www.nca-ieee.org/2024/index.html, https://www.nca-ieee.org/2024/conference\_program.html, https://www.nca-ieee.org/2024/call\_for\_papers.html, https://doi.org/10.1109/NCA65406.2024",

}

Hasan, MDM , Islam, R , Mamun, Q , Islam, MZ & Gao, J 2024, Enhancing network intrusion detection systems: A real-time adaptive machine learning approach for adversarial packet-mutation mitigation. in J Wu (ed.), Proceedings, 2024 22nd International Symposium on Network Computing and Applications: NCA 2024., 10945279, Proceedings - 2024 22nd International Symposium on Network Computing and Applications, NCA 2024, IEEE, Piscataway, NJ, pp. 227-235, The 22nd International Symposium on Network Computing and Applications 2024, Bertinoro, Italy, 24/10/24. https://doi.org/10.1109/NCA61908.2024.00042

Enhancing network intrusion detection systems: A real-time adaptive machine learning approach for adversarial packet-mutation mitigation. / Hasan, MD Mehedi ; Islam, Rafiqul ; Mamun, Quazi et al.
Proceedings, 2024 22nd International Symposium on Network Computing and Applications: NCA 2024. ed. / Joann Wu. Piscataway, NJ: IEEE, 2024. p. 227-235 10945279 (Proceedings - 2024 22nd International Symposium on Network Computing and Applications, NCA 2024).

Research output: Book chapter/Published conference paper › Conference paper › peer-review

TY - GEN

T1 - Enhancing network intrusion detection systems

T2 - The 22nd International Symposium on Network Computing and Applications 2024

AU - Hasan, MD Mehedi

AU - Islam, Rafiqul

AU - Mamun, Quazi

AU - Islam, Md Zahidul

AU - Gao, Junbin

PY - 2024

Y1 - 2024

N2 - Network Intrusion Detection Systems (NIDS) are increasingly vulnerable to sophisticated packet-mutation attacks that evade traditional detection methods. This paper presents a runtime adaptive machine-learning strategy to combat such adversarial attacks. We introduce an Adaptive Layered Mutation Algorithm (ALMA) for generating advanced adversarial examples and a runtime adaptive learning framework for realtime detection and response. Our approach integrates these components to create a robust, self-evolving NIDS. Experiments comparing various feature extractors and machine learning classifiers demonstrate that our adaptive approach achieves up to 98% detection accuracy, significantly improving the identification of mutated packets over static models. The integrated system rapidly adapts to new attack patterns, achieving over 90% detection accuracy for novel attacks within 2-3 update cycles. This research contributes to network security by presenting an adaptive, high-performance approach to intrusion detection that effectively addresses challenges posed by evolving packet-mutation attacks, offering promising directions for nextgeneration NIDS development.

AB - Network Intrusion Detection Systems (NIDS) are increasingly vulnerable to sophisticated packet-mutation attacks that evade traditional detection methods. This paper presents a runtime adaptive machine-learning strategy to combat such adversarial attacks. We introduce an Adaptive Layered Mutation Algorithm (ALMA) for generating advanced adversarial examples and a runtime adaptive learning framework for realtime detection and response. Our approach integrates these components to create a robust, self-evolving NIDS. Experiments comparing various feature extractors and machine learning classifiers demonstrate that our adaptive approach achieves up to 98% detection accuracy, significantly improving the identification of mutated packets over static models. The integrated system rapidly adapts to new attack patterns, achieving over 90% detection accuracy for novel attacks within 2-3 update cycles. This research contributes to network security by presenting an adaptive, high-performance approach to intrusion detection that effectively addresses challenges posed by evolving packet-mutation attacks, offering promising directions for nextgeneration NIDS development.

KW - Adversarial Packet-Mutation

KW - Cybersecurity

KW - Feature Extraction

KW - NIDS

KW - Runtime Adaptive Machine Learning

UR - https://www.nca-ieee.org/2024/assets/slides/paper32.pdf

UR - https://www.scopus.com/pages/publications/105002728195

UR - http://www.scopus.com/inward/citedby.url?scp=105002728195&partnerID=8YFLogxK

U2 - 10.1109/NCA61908.2024.00042

DO - 10.1109/NCA61908.2024.00042

M3 - Conference paper

AN - SCOPUS:105002728195

T3 - Proceedings - 2024 22nd International Symposium on Network Computing and Applications, NCA 2024

SP - 227

EP - 235

BT - Proceedings, 2024 22nd International Symposium on Network Computing and Applications

A2 - Wu, Joann

PB - IEEE

CY - Piscataway, NJ

Y2 - 24 October 2024 through 26 October 2024

ER -

Hasan MDM , Islam R , Mamun Q , Islam MZ, Gao J. Enhancing network intrusion detection systems: A real-time adaptive machine learning approach for adversarial packet-mutation mitigation. In Wu J, editor, Proceedings, 2024 22nd International Symposium on Network Computing and Applications: NCA 2024. Piscataway, NJ: IEEE. 2024. p. 227-235. 10945279. (Proceedings - 2024 22nd International Symposium on Network Computing and Applications, NCA 2024). doi: 10.1109/NCA61908.2024.00042

Enhancing network intrusion detection systems: A real-time adaptive machine learning approach for adversarial packet-mutation mitigation

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this