一种针对基于SVM入侵检测系统的毒性攻击方法

在机器学习被广泛应用的背景下，本文提出一种针对基于SVM（Support Vector Machine）入侵检测系统的新颖攻击方法——毒性攻击.该方法通过篡改训练数据，进而误导SVM的机器学习过程，降低入侵检测系统的分类模型对攻击流量的识别率.本文把这种攻击建模为最优化问题，利用数值方法得到攻击样本.通过包含多种攻击类型的NSL-KDD数据集进行实验，从攻击流量的召回率和精度这两个指标对攻击效果进行评估，与已有方法相比，实验结果表明本文方法可更有效地降低入侵检测系统的识别率.本文希望通过该研究进一步认识针对机器学习的新颖攻击，为下一步研究对应的防御机制提供研究基础.

A Poisoning Attack on Intrusion Detection System Based on SVM

Machine learning is widely applied in various intelligent devices including intrusion detection systems (IDS).We propose a novel approach called poising attack on IDS based on SVM.This attack is to degrade detection rate of IDS by misleading the SVM learning process with poisoned training data set.We model the poisoning attack as an optimization problem and solve it with numerical approach to get poisoned data set.At last,NSL-KDD data including several real attacks is used in our experiments,and two measures of precision and callback are used to evaluate the effectiveness.The result shows the poisoning attack approach can significantly degrade the IDS performance.This study may further understand the possible new attacks on machine learning,and provide the basis for the next study of the corresponding defense methods.