Abstract:
As deep learning shows great performance for large samples, more and more network security products use deep learning based algorithms to improve the detection performance. However, recent studies have found that deep learning based classifier may have poor stability when confronting adversarial samples. This problem has attracted many attentions and some related research results have been reported. In this paper, a new model based on generative adversarial nets (GAN) is proposed to generate adversarial samples. The proposed model is composed of three modules: generative module, discriminative module, and authentication module. The generative module is responsible for generating new malicious network flow adversarial samples. These adversarial examples are constrained by weakly related bits to guarantee the executability and offensiveness. The discriminative module detects the target via a large number of samples, by which a high-dimensional neural network is constructed to fit the target detector. Its aims is to implement the deception of the black box target detector using adversarial samples. The authentication module includes Snort and target detector, which may be utilized to verify the validity of the adversarial samples by comparing the detection results. The three modules will cooperate with each other to implement the executability and offensiveness protection on malicious network flow samples, and achieve the entire process of generating adversarial samples for deceiving target detector. The main contribution of this work includes: the proposed model can generates adversarial samples via malicious network flow; the weakly related bits are proposed to ensure the executability and offensiveness of malicious network flows adversarial samples; the adversarial samples generated by this model can effectively deceive the deep learning based network security detector. Finally, experiment results show that the adversarial samples can attain actual attack effect.