Functionality-preserving adversarial machine learning for robust classification in cybersecurity and intrusion detection domains: A survey

McCarthy, Andrew; Ghadafi, Essam; Andriotis, Panagiotis; Legg, Phil

Authors

Essam Ghadafi Essam.Ghadafi@uwe.ac.uk
Senior Lecturer in Computer Science

Dr Panos Andriotis Panagiotis.Andriotis@uwe.ac.uk
Senior Lecturer in Computer Forensics and Security



Abstract

Machine learning has become widely adopted as a strategy for dealing with a variety of cybersecurity issues, ranging from insider threat detection to intrusion and malware detection. However, by their very nature, machine learning systems can introduce vulnerabilities to a security defence whereby a learnt model is unaware of so-called adversarial examples that may intentionally result in mis-classification and therefore bypass a system. Adversarial machine learning has been a research topic for over a decade and is now an accepted but open problem. Much of the early research on adversarial examples has addressed issues related to computer vision, yet as machine learning continues to be adopted in other domains, then likewise it is important to assess the potential vulnerabilities that may occur. A key part of transferring to new domains relates to functionality-preservation, such that any crafted attack can still execute the original intended functionality when inspected by a human and/or a machine. In this literature survey, our main objective is to address the domain of adversarial machine learning attacks and examine the robustness of machine learning models in the cybersecurity and intrusion detection domains. We identify the key trends in current work observed in the literature, and explore how these relate to the research challenges that remain open for future works. Inclusion criteria were: articles related to functionality-preservation in adversarial machine learning for cybersecurity or intrusion detection with insight into robust classification. Generally, we excluded works that are not yet peer-reviewed; however, we included some significant papers that make a clear contribution to the domain. There is a risk of subjective bias in the selection of non-peer reviewed articles; however, this was mitigated by co-author review. 
We selected the following databases with a sizeable computer science element to search and retrieve literature: IEEE Xplore, ACM Digital Library, ScienceDirect, Scopus, SpringerLink, and Google Scholar. The literature search was conducted up to January 2022. We have striven to ensure a comprehensive coverage of the domain to the best of our knowledge. We have performed systematic searches of the literature, noting our search terms and results, and following up on all materials that appear relevant and fit within the topic domains of this review. This research was funded by the Partnership PhD scheme at the University of the West of England in collaboration with Techmodal Ltd.

Journal Article Type: Article
Acceptance Date: Mar 15, 2022
Online Publication Date: Mar 17, 2022
Publication Date: Mar 17, 2022
Deposit Date: Mar 23, 2022
Publicly Available Date: Mar 23, 2022
Journal: Journal of Cybersecurity and Privacy
Electronic ISSN: 2624-800X
Publisher: MDPI
Peer Reviewed: Peer Reviewed
Volume: 2
Issue: 1
Pages: 154-190
DOI: https://doi.org/10.3390/jcp2010010
Keywords: General Medicine
Public URL: https://uwe-repository.worktribe.com/output/9233263
