Defending Network IDS against Adversarial Examples with Continual Learning

Improving computer system security is one of the most critical issues in modern computer science. Machine learning algorithms increasingly support the construction of such solutions, mainly to detect network attacks. Such algorithms detect dangerous activity without requiring the manual formulation of expert rules to decide what activity constitutes an attack. Due to the emergence of new attacks, IDS (Intrusion Detection System) needs to be updated periodically. However, their update carried out without due care may also be exploited by an attacker who deliberately tries to influence the analyzed data to mislead the predictive model. The proposed approach uses adversarial examples to generate new network traffic patterns that are misclassified by the neural network inside the IDS. This approach could model the evolution of cyber threats to some extent and should allow for continuous improvement of the IDS. In this paper, we propose an original framework for simulating attacker-defender dynamics based on adversarial examples and show that it is possible to continuously improve IDS systems by applying continual learning strategies. The proposed approach has been tested based on experimental studies using known continual learning algorithms, and the experimental results confirm the usability of the proposed method. The results presented in this paper identify potential gaps in ML-based NIDS systems. At the same time, we show how these threats can be limited, which should contribute to mitigating some possible threads and the overall reliability of the intrusion detection process.