Ctgan Adversarial Attack on Network Intrusion Detection Based on Lstm Algorithm

Deep neural networks have proven successful in the intrusion detection domain. Cyber security experts and designers must develop a variety of network intrusion detection systems to secure networks and computers from black hackers who might breach the network system and steal or damage important data from databases. Regrettably, recent studies revealed that adversarial samples can affect deep neural networks. Since it is commonly known that deep learning algorithms are susceptible to adversarial examples, cybercriminals dare to devise ways to utilize weaknesses to acquire data or try to mislead these intrusion detection classifiers to make them misclassify data for their selfish advantage. But since there are too many parameters, Deep Neural Networks (DNN) show structural instability, which reduces the model's overall accuracy. Based on the literature on adversarial samples creation for neural networks, the priority was in models that dealt with classification problems. Consequently, it does not address intrusion detection based on time series data. In this research, we study the performance of the CTGAN attack method against an LSTM-based method for detecting network intrusions. We initially use the NSL-KDD dataset to train an LSTM model for detecting malicious behavior and our results show that the classifier has achieved good performance with accuracy of 0.9607, Precision 0.8725, Recall 0.3873, and F1 score 0.9210, then we generate adversarial data using CTGAN synthesizer on the dataset there by making the LSTM model misclassify an attack as normal record and the attack's success rate was evaluated making the results with accuracy of 0.5257, Precision 0.5656, Recall 1.0000, and F1 score 0.4099. Keywords: Machine Learning; Deep Learning; Network Intrusion Detection Systems; Long-Short-Term Memory; Adversarial Examples; Conditional Tabular Generative Adversarial Network.