Inter-layer autoencoder for mitigating evasion attacks against network intrusion detection systems

Adversarial attacks are a growing threat to the security of network management and control applications making use of artificial intelligence and deep learning techniques. In recent years there has been an increase in the use of adversarial attacks to deceive network traffic classifiers and anomaly detection systems, which are used to iden tify and classify the traffic flows traversing a network and recognize among them the occurrence of malicious or anomalous behaviors. The goal of such attacks is to appropriately perturb the network traffic in a way that evades the system detection capabilities by preventing the proper identification and classification of the involved flows. In this paper, we propose a novel defense solution, named Inter-Layer Autoencoder-based architecture, for fighting evasion attacks targeting Network Intrusion Detection Systems based on Deep Learning. The proposed method can be integrated with any neural classifier and anomaly detector without any need for re-training pro cedures. Moreover, the suggested approach is universally applicable as it doesn't necessitate prior knowledge of the specific attack, making it effective against a broad spectrum of attack types. The results from experiments, conducted by training a target model on the UNSW-NB15 dataset and deriving from it functionality-preserving adversarial attacks demonstrate that the suggested mechanism exhibits strong resilience. Indeed, under the con sidered threat model and functionality constraints, all adversarial samples derived from the UNSW-NB15 dataset were recognized, outperforming the foremost defense methods currently present in the state-of-the-art.