Research Project

Research Group on Intelligent Engineering and Computing for Advanced Innovation and Development

Publications

SoK: Realistic Adversarial Attacks and Defenses for Intelligent Network Intrusion Detection
Publication . Vitorino, João; Praça, Isabel; Maia, Eva
Machine Learning (ML) can be incredibly valuable to automate anomaly detection and cyber-attack classification, improving the way that Network Intrusion Detection (NID) is performed. However, despite the benefits of ML models, they are highly susceptible to adversarial cyber-attack examples specifically crafted to exploit them. A wide range of adversarial attacks have been created and researchers have worked on various defense strategies to safeguard ML models, but most were not intended for the specific constraints of a communication network and its communication protocols, so they may lead to unrealistic examples in the NID domain. This Systematization of Knowledge (SoK) consolidates and summarizes the state-of-the-art adversarial learning approaches that can generate realistic examples and could be used in real ML development and deployment scenarios with real network traffic flows. This SoK also describes the open challenges regarding the use of adversarial ML in the NID domain, defines the fundamental properties that are required for an adversarial example to be realistic, and provides guidelines for researchers to ensure that their future experiments are adequate for a real communication network.
Constrained Adversarial Learning and its applicability to Automated Software Testing: a systematic review
Publication . Vitorino, João; Dias, Tiago; Fonseca, Tiago; Maia, Eva; Praça, Isabel
Every novel technology adds hidden vulnerabilities ready to be exploited by a growing number of cyber-attacks. Automated software testing can be a promising solution to quickly analyze thousands of lines of code by generating and slightly modifying function-specific testing data to encounter a multitude of vulnerabilities and attack vectors. This process draws similarities to the constrained adversarial examples generated by adversarial learning methods, so there could be significant benefits to the integration of these methods in automated testing tools. Therefore, this systematic review is focused on the current state-of-the-art of constrained data generation methods applied for adversarial learning and software testing, aiming to guide researchers and developers to enhance testing tools with adversarial learning methods and improve the resilience and robustness of their digital systems. The constrained data generation applications found for adversarial machine learning were systematized, and the advantages and limitations of approaches specific to software testing were thoroughly analyzed, identifying research gaps and opportunities to improve testing tools with adversarial attack methods.
LEMMAS: a secured and trusted Local Energy Market simulation system
Publication . Andrade, Rui; Vitorino, João; Wannous, Sinan; Maia, Eva; Praça, Isabel
The ever-changing nature of the energy grid and the addition of novel systems such as the Local Energy Market (LEM) drastically increase its complexity, thus making management harder and increasingly important at the local level. Providing innovative and advanced management solutions is fundamental for the success of this new distributed energy grid paradigm. In this paper we extend the Multi-Agent System (MAS)-based simulation tool for LEMs called LEMMAS. A cyber-attack detection model is developed and integrated into LEMMAS with the objective of preventing cyber-attacks from affecting the negotiations. This model is compared with the previous version, which only analysed the trustworthiness of participants. The results show that the cyber-attack detection model drastically increases the security capabilities of LEMMAS.
From Data to Action: Exploring AI and IoT-driven Solutions for Smarter Cities
Publication . Dias, Tiago; Fonseca, Tiago; Vitorino, João; Martins, Andreia; Malpique, Sofia; Praça, Isabel
The emergence of smart cities demands harnessing advanced technologies like the Internet of Things (IoT) and Artificial Intelligence (AI) and promises to unlock cities' potential to become more sustainable, efficient, and ultimately livable for their inhabitants. This work introduces an intelligent city management system that provides a data-driven approach to three use cases: (i) analyze traffic information to reduce the risk of traffic collisions and improve driver and pedestrian safety, (ii) identify when and where energy consumption can be reduced to improve cost savings, and (iii) detect maintenance issues like potholes in the city's roads and sidewalks, as well as the beginning of hazards like floods and fires. A case study in Aveiro City demonstrates the system's effectiveness in generating actionable insights that enhance security, energy efficiency, and sustainability, while highlighting the potential of AI and IoT-driven solutions for smart city development.
Towards Adversarial Realism and Robust Learning for IoT Intrusion Detection and Classification
Publication . Vitorino, João; Praça, Isabel; Maia, Eva
The internet of things (IoT) faces tremendous security challenges. Machine learning models can be used to tackle the growing number of cyber-attack variations targeting IoT systems, but the increasing threat posed by adversarial attacks restates the need for reliable defense strategies. This work describes the types of constraints required for a realistic adversarial cyber-attack example and proposes a methodology for a trustworthy adversarial robustness analysis with a realistic adversarial evasion attack vector. The proposed methodology was used to evaluate three supervised algorithms, random forest (RF), extreme gradient boosting (XGB), and light gradient boosting machine (LGBM), and one unsupervised algorithm, isolation forest (IFOR). Constrained adversarial examples were generated with the adaptative perturbation pattern method (A2PM), and evasion attacks were performed against models created with regular and adversarial training. Even though RF was the least affected in binary classification, XGB consistently achieved the highest accuracy in multi-class classification. The obtained results evidence the inherent susceptibility of tree-based algorithms and ensembles to adversarial evasion attacks and demonstrate the benefits of adversarial training and a security-by-design approach for a more robust IoT network intrusion detection and cyber-attack classification.

Funders

Funding agency

Fundação para a Ciência e a Tecnologia

Funding programme

6817 - DCRRNI ID

Funding Award Number

UIDB/00760/2020