| Machine lerning(ML)algorithms have performed well in many research fields,such as com-puter vision,spam e-mail filtering,natural language processing and malware detection.In addition,recent studies demonstrate that deploying ML algorithms in intrusion detection system(IDS)is an effective way to improve the security of industrial control systems(ICS).However,machine learn-ing models themselves are vulnerable to adversarial samples at training or testing time.Malicious adversaries may make a small well-designed modification to the testing sample,so that the ma-chine learning algorithm makes a totally different decision.Therefore in this work,our goal is to launch stealthy cyber attacks,including typical ICS attacks such as injection attacks,function code attacks and reconnaissance attacks,towards the ML-based IDSs in ICS.Instead of using adversarial machine learning methods directly,we take specific constraints from the communication protocol and legal range of data in ICS into consideration and then formulate an optimization problem to find appropriate stealthy attacks.To make the problem well solved,we propose two strategies(i.e.,optimal solution attack and GAN attack)oriented to different volume of data,where the former solves the problem directly while the latter provides a more efficient solution for large volume of sample data.Finally,we conduct experiments on a semi-physical ICS testbed with a high detec-tion performance ensemble ML-based detector to show the effectiveness of our attacks.The results indicate that both optimal solution attack and GAN attack of reconnaissance attack and function code attack possess 80%higher probability to evade the detector. |
PDF Full Text Request