Adversarial Attack on Cisco Joy - A Supervised Machine Learning Classifier for Identifying Encrypted Malware Traffic with Contextual Flow Data
Sreerama, Rohan
Loading…
Permalink
https://hdl.handle.net/2142/124803
Description
Title
Adversarial Attack on Cisco Joy - A Supervised Machine Learning Classifier for Identifying Encrypted Malware Traffic with Contextual Flow Data
Author(s)
Sreerama, Rohan
Issue Date
2023-05-01
Keyword(s)
AI; ML; Adversarial Attacks, Network security
Abstract
Adversarial Attacks pose a clear threat to machine learning applications today, as they have the potential to disrupt the classification process of models already deployed to mass volumes of users. The challenge exists in developing a generalized framework to identify malicious traffic without compromising network privacy and maintaining encryption. To that end, Cisco Joy is a supervised ML classifier that leverages network flow metadata to identify malicious encrypted traffic. It leverages what is called a data omnia approach; that is, Joy utilizes a wide variety of network flow data features like TLS handshake metadata, DNS contextual flows, and HTTP headers of HTTP contextual flows. This data allows the model to learn numerous parameters that identify clear discriminatory patterns throughout the data to further understand the differences between a benign and malicious network flow. Thus far, Cisco Joy’s logistic regression modeling reports a 0.00% false discovery rate up to four significant figures. The existence of an adversarial threat to Cisco Joy can compromise the security and privacy of millions of networks that rely on Joy’s classification approach. Investigating the adversarial robustness of this tool would be invaluable to our understanding of how exposed networks are when utilizing this model as a means of security against malicious traffic. We propose an adversarial black-box attack on Cisco Joy that degrades its ability to accurately distinguish between benign and malicious network flow traffic.
Use this login method if you
don't
have an
@illinois.edu
email address.
(Oops, I do have one)
IDEALS migrated to a new platform on June 23, 2022. If you created
your account prior to this date, you will have to reset your password
using the forgot-password link below.
