信息工程大学学报2024,Vol.25Issue(3):298-306,9.DOI:10.3969/j.issn.1671-0673.2024.03.008
基于多样化时间关联的流量对抗攻击方法
A Traffic Adversarial Attack Method Based on Diversified Time Correlation
摘要
Abstract
Traditional traffic adversarial example generation methods based on long short-term memory(LSTM)require knowledge of the entire traffic flow for generation,making them unsuitable for real-world end-to-end environments.To address this issue,a diversified time correlation attack(DTCA)method is proposed in this paper.First,the method employs factor principal component analysis to ex-tract time cluster features of malicious traffic before launching an attack.Then,it uses a multi-input LSTM model to learn the temporal correlations of normal network traffic,based on which the malicious traffic duration is predicted and"disguised"for adversarial purposes.Finally,the method reshapes the malicious traffic based on the adversarial generated traffic duration,replays it back into the target net-work,and assesses the attack's effectiveness.Experiments on three classic detection models show that,compared with traditional methods,the DTCA method can reduce the detection effectiveness of the three detectors by an average of over 60%,and can be applied in real network end-to-end environ-ments.关键词
入侵检测/对抗样本攻击/流量重塑/主成分分析Key words
intrusion detection/adversarial example/traffic reshape/factor principal component analysis分类
信息技术与安全科学引用本文复制引用
何元康,马海龙,胡涛,江逸茗..基于多样化时间关联的流量对抗攻击方法[J].信息工程大学学报,2024,25(3):298-306,9.基金项目
雄安新区科技创新专项(2022XAGG0111) (2022XAGG0111)
