CQUniversity

Robust malware defense in industrial IoT applications using machine learning with selective adversarial samples

journal contribution
posted on 2020-08-31, 00:00 authored by ME Khoda, Tasadduq Imam, J Kamruzzaman, I Gondal, A Rahman
Industrial Internet of Things (IIoT) deploys edge devices to act as intermediaries between sensors and actuators and application servers or cloud services. Machine learning models have been widely used to thwart malware attacks in such edge devices. However, these models are vulnerable to adversarial attacks, where attackers craft adversarial samples by introducing small perturbations to malware samples to fool a classifier into misclassifying them as benign applications. Literature on deep learning networks proposes adversarial retraining as a defense mechanism, where adversarial samples are combined with legitimate samples to retrain the classifier. However, existing works select such adversarial samples in a random fashion, which degrades the classifier's performance. This work proposes two novel approaches for selecting adversarial samples to retrain a classifier: one based on the distance from the malware cluster center, and the other based on a probability measure derived from kernel-based learning (KBL). Our experiments show that both of our sample selection methods outperform the random selection method, and the KBL selection method improves detection accuracy by 6%. Also, while existing works focus on deep neural networks with respect to adversarial retraining, we additionally assess the impact of such adversarial samples on other classifiers, and our proposed selective adversarial retraining approaches show similar performance improvement for these classifiers as well. The outcomes from the study can assist in designing robust security systems for IIoT applications.

Volume

56

Issue

4

Start Page

4415

End Page

4424

Number of Pages

10

eISSN

1939-9367

ISSN

0093-9994

Publisher

IEEE

Peer Reviewed

  • Yes

Open Access

  • No

External Author Affiliations

Federation University Australia; CSIRO

Era Eligible

  • Yes

Journal

IEEE Transactions on Industry Applications
