Research On Adversarial Attack For HTTP Anomaly Detection

In recent years,with unprecedented success in many areas such as image classification,speech recognition and natural language processing,deep learning is increasingly applied in security fields,such as malware detection and HTTP anomaly detection.However,recent research has found that deep learning is vulnerable to well-designed input examples.These well-designed examples that misclassify deep neural network are called adversarial examples.The process of constructing adversarial examples is adversarial attack.The advent of adversarial examples has brought huge security challenges to the widespread application of deep learning.Especially when deep learning is applied to security fields,the existence of adversarial examples will cause more serious consequences.At the same time,the existence of adversarial examples can also stimulate more research on defense algorithms,thereby further improving the robustness of neural networks.Therefore,this thesis aims to study the adversarial attack of HTTP anomaly detection in security field.The main research contents of this thesis are as follows:1.The FGSM+NNS adversarial attack algorithm is proposed.At present,the research on adversarial attacks is mainly concentrated in image classification.Therefore,based on FGSM adversarial attack algorithm in image classification,this thesis proposes the FGSM+NNS adversarial attack algorithm for constructing adversarial examples in HTTP anomaly detection.Adversarial examples generated by FGSM+NNS can not only successfully deceive HTTP anomaly detection model,but also effectively maintain the functional integrity of the original examples.2.The feature enhancement adversarial attack algorithm and framework are proposed.Based on the research point one,this thesis further proposes the feature enhancement adversarial attack algorithm.This algorithm enhances the features of target class in the original example to make original example close to target class example,thereby guiding misclassification of HTTP anomaly detection model to achieve target attack.Compared with the FGSM+ NNS adversarial attack algorithm,adversarial examples generated by this algorithm can further improve the effectiveness of adversarial attack and show better transferability.In addition,this thesis further summarizes the feature enhancement adversarial attack algorithm into a general feature enhancement target attack framework.This framework is mainly composed of feature subspace,subspace search and feature enhancement.It is not limited to constructing adversarial examples for HTTP anomaly detection in this thesis,but can also be applied to generating adversarial examples for other applications.