面向规避僵尸网络流量检测的对抗样本生成

doi:10.3778/j.issn.1002-8331.2008-0298

摘要/Abstract

摘要： 基于机器学习的僵尸网络流量检测是现阶段网络安全领域比较热门的研究方向，然而生成对抗网络（generative adversarial networks，GAN）的出现使得机器学习面临巨大的挑战。针对这个问题，在未知僵尸网络流量检测器模型结构和参数的假设条件下，基于生成对抗网络提出了一种新的用于黑盒攻击的对抗样本生成方法。该方法提取网络流量的统计特征，利用生成对抗网络思想，通过训练替代判别器和生成器，来拟合不同类型的黑盒僵尸网络流量检测器和生成可以规避黑盒僵尸网络流量检测器的对抗样本。生成的对抗样本是在原始僵尸网络流量的基础上添加不改变其攻击特性的微小扰动，从而降低僵尸网络流量的被检出率。实验结果表明，开源数据集N_BaIoT中的僵尸网络流量样本经该方法重新生成后，将僵尸网络流量的平均被检出率降低了0.481?8，且该方法适用于规避不同的僵尸网络检测算法以及由不同计算机设备构成的僵尸网络，具有良好的扩展性。

关键词: 生成对抗网络（GAN）, 僵尸网络流量检测, 黑盒攻击, 对抗样本生成, 替代判别器

Abstract: Botnet traffic detection based on machine learning is a hot research direction in the field of network security at this stage. However, the emergence of generative adversarial networks（GAN） makes machine learning face huge challenges. In response to this problem, under the assumption of unknown botnet traffic detector model structure and parameters, based on generative adversarial networks, a new method of generating adversarial samples for black box attacks is proposed. This method extracts the statistical characteristics of network traffic, uses the idea of generating adversarial networks to train a substitude detector and a generator, which are used to fit black box botnet traffic detectors and generate adversarial samples that can evade black box botnet traffic detectors. The generated adversarial samples are based on the original botnet traffic with small disturbances that do not change its attack characteristics, thereby reducing the probability of malicious traffic being detected as malicious. The experimental results show that the average detection rate of botnet traffic in the open source data set N_BaIoT is reduced by 0.4818 after the sample is regenerated by this method. Moreover, this method is applicable to many botnets composed of different computer equipments and has good scalability.

Key words: generative adversarial networks（GAN）, botnet traffic detector, black box attack, adversarial sample generation, substitude detector

李沛洋, 李璇, 陈俊杰, 陈永乐. 面向规避僵尸网络流量检测的对抗样本生成[J]. 计算机工程与应用, 2022, 58(4): 126-133.

LI Peiyang, LI Xuan, CHEN Junjie, CHEN Yongle. Adversarial Sample Generation for Evading Botnet Traffic Detection[J]. Computer Engineering and Applications, 2022, 58(4): 126-133.

参考文献

[1] 徐凌伟，于旭，林文忠，移动协作通信网络的物理层安全性能研究[J].聊城大学学报（自然科学版），2019，32（4）：95-100.
XU L W，YU X，LIN W Z.Research on physical layer security performance of mobile cooperative communication network[J].Journal of Liaocheng University（Natural Science Edition），2019，32（4）：95-100.
[2] NEGASH N，CHE X D.An overview of modern botnets[J].Information Security Journal：A Global Perspective，2015，24：127-132.
[3] HWANG R H，PENG M C，HUANG C W，et al.An unsupervised deep learning model for early network traffic anomaly detection[J].IEEE Access，2020，8：30387-30399.
[4] GAO M，MA L，LIU H，et al.Malicious network traffic detection based on deep neural networks and association analysis[J].Sensors，2020，20（5）：1452.
[5] 罗扶华，张爱新.基于深度学习的僵尸网络检测技术研究[J].通信技术，2020，53（1）：174-179.
LUO F H，ZHANG A X.Research on botnet detection technology based on deep learning[J].Communication Technology，2020，53（1）：174-179.
[6] SRIRAM S，VINAYAKUMAR R，ALAZAB M，et al.Network flow based IoT botnet attack detection using deep learning[C]//2020 IEEE Conference on Computer Communications Workshops，Toronto，2020：189-194.
[7] YINKA-BANJO C，UGOT O-A.A review of generative adversarial networks and its application in cybersecurity[J].Artificial Intelligence Review，2020，53（3）：1721-1736.
[8] LIU Q，MA G，CHENG C.Data fusion generative adversarial network for multi-class imbalanced fault diagnosis of rotating machinery[J].IEEE Access，2020，8：70111-70124.
[9] PATSAKIS C，CASINO F，KATOS V.Encrypted and covert DNS queries for botnets：challenges and countermeasures[J].Computers & Security，2020，88：101614.
[10] SZEGEDY C，ZAREMBA W，SUTSKEVER I，et al.Intri-
guing properties of neural networks[C]//2nd International Conference on Learning Representations，Banff，Apr 14-16，2014.
[11] XIAO Y，PUN C M，LIU B.Crafting adversarial example with adaptive root mean square gradient on deep neural networks[J].Neurocomputing，2020，389：179-195.
[12] 张文翔.基于批量梯度的对抗样本生成方法的研究[D].武汉：华中科技大学，2019.
ZHANG W X.Research on adversarial sample generation method based on batch gradient[D].Wuhan：Huazhong University of Science and Technology，2019.
[13] 郭清杨.基于生成对抗网络的对抗样本生成[J].现代计算机，2020（7）：24-28.
GUO Q Y.Adversarial sample generation based on generative adversarial network[J].Modern Computer，2020（7）：24-28.
[14] 孙曦音，封化民，刘飚，等.基于GAN的对抗样本生成研究[J].计算机应用与软件，2019，36（7）：202-207.
SUN X Y，FENG H M，LIU B，et al.Research on adversarial sample generation based on GAN[J].Computer Applications and Software，2019，36（7）：202-207.
[15] ZHANG X，ZHOU Y，PEI S，et al.Adversarial examples detection for XSS attacks based on generative adversarial networks[J].IEEE Access，2020，8：10989-10996.
[16] 潘一鸣，林家骏.基于生成对抗网络的恶意网络流生成及验证[J].华东理工大学学报（自然科学版），2019，45（2）：165-171.
PAN Y M，LIN J J.Generation and verification of malicious network flow based on generative confrontation network[J].Journal of East China University of Science and Technology（Natural Science Edition），2019，45（2）：165-171.
[17] GOODFELLOW I J，SHLENS J，SZEGEDY C.Explaining and harnessing adversarial examples[C]//3rd International Conference on Learning Representations，San Diego，May 7-9，2015.
[18] GROSSE K，PAPERNOT N，MANOHARAN P，et al.Adversarial perturbations against deep neural networks for malware classification[J].arXiv：1606.04435，2016.
[19] 周文，张世琨，丁勇，等.面向低维工控网数据集的对抗样本攻击分析[J].计算机研究与发展，2020，57（4）：736-745.
ZHOU W，ZHANG S K，DING Y，et al.Analysis of adversarial sample attacks for low-dimensional industrial control network datasets[J].Computer Research and Development，2020，57（4）：736-745.
[20] MEIDAN Y，BOHADANA M，MATHOV Y，et al.N-BaIoT-network-based detection of IoT botnet attacks using deep autoencoders[J].IEEE Pervasive Computing，2018，17（3）：12-22.