Adversarial Attacks against Intrusion Detection Systems: Taxonomy, Solutions and Open Issues

TitleAdversarial Attacks against Intrusion Detection Systems: Taxonomy, Solutions and Open Issues
Publication TypeJournal Article
Year of Publication2013
AuthorsCorona, I, Giacinto, G, Roli, F
JournalInformation Sciences
Start Page201-225
Date Published08/2013
ISSN Number0020-0255

Intrusion Detection Systems (IDSs) are one of the key components for securing computing infrastructures. Their objective is to protect against attempts to violate defense mechanisms. Indeed, IDSs themselves are part of the computing infrastructure, and thus they may be attacked by the same adversaries they are designed to detect. This is a relevant aspect, especially in safety-critical environment, such as hospitals, aircrafts, nuclear power plants, etc. To the best of our knowledge, this survey is the first work to present an overview on adversarial attacks against IDSs. In particular, this paper will provide the following original contributions: (a) a general taxonomy of attack tactics against IDSs;  (b) an extensive description of how such attacks can be implemented by exploiting IDS weaknesses at different abstraction levels (c) for each attack implementation, a critical investigation of proposed solutions and open points. Finally, this paper will highlight the most promising research directions for the design of adversary-aware, harder-to-defeat IDS solutions. To this end, we leverage on our research experience in the field of intrusion detection, as well as on a thorough investigation of the relevant related works published so far.

Citation Key 1442
Corona-INS2013.pdf1.49 MB