The Threat of Adversarial Attacks against Machine Learning in Network Security: A Survey

Authors

  • Olakunle Ibitoye, School of Information Technology, Carleton University, Ottawa, ON, Canada (https://orcid.org/0000-0002-7943-0163)
  • Rana Abou-Khamis, School of Information Technology, Carleton University, Ottawa, ON, Canada
  • Mohamed elShehaby, Department of Systems and Computer Engineering, Carleton University, Ottawa, ON, Canada (https://orcid.org/0000-0003-2958-0064)
  • Ashraf Matrawy, School of Information Technology, Carleton University, Ottawa, ON, Canada (https://orcid.org/0000-0001-9220-4630)
  • M. Omair Shafiq, School of Information Technology, Carleton University, Ottawa, ON, Canada (https://orcid.org/0000-0002-1859-8296)

DOI:

https://doi.org/10.37256/jeee.4120255738

Keywords:

machine learning, adversarial samples, network security

Abstract

Machine learning models have made many decision support systems faster, more accurate, and more efficient. However, applications of machine learning in network security face a disproportionate threat of active adversarial attacks compared to other domains. This is because machine learning applications in network security, such as malware detection, intrusion detection, and spam filtering, are themselves adversarial in nature. In what could be considered an arms race between attackers and defenders, adversaries constantly probe machine learning systems with inputs that are explicitly designed to bypass the system and induce a wrong prediction. In this survey, we first provide a taxonomy of machine learning techniques, tasks, and depth. We then introduce a classification of machine learning in network security applications. Next, we examine various adversarial attacks against machine learning in network security and introduce two classification approaches for adversarial attacks in network security. First, we classify adversarial attacks in network security based on a taxonomy of network security applications. Second, we categorize adversarial attacks in network security into a problem space vs. feature space dimensional classification model. We then analyze the various defenses against adversarial attacks on machine learning-based network security applications. We conclude by introducing an adversarial risk grid map and evaluating several existing adversarial attacks against machine learning in network security using the risk grid map. We also identify where each attack classification resides within the adversarial risk grid map.

Published

2025-01-08

How to Cite

(1)
Ibitoye, O.; Abou-Khamis, R.; elShehaby, M.; Matrawy, A.; Shafiq, M. O. The Threat of Adversarial Attacks Against Machine Learning in Network Security: A Survey. J. Electron. Electric. Eng. 2025, 4, 16–59.