The Evaluation of Adversarial Attacks Against ML-powered NIDS in a Realistic Scenario [preprint]
Description
Machine learning-based Network Intrusion Detection Systems (NIDS) have significantly advanced network security by identifying and mitigating sophisticated threats. However, current research on adversarial attacks focuses on pre-aggregated datasets rather than raw traffic, which limits the realism of the scenario. This paper evaluates a more realistic adversarial attack scenario by manipulating raw traffic in the PCAP files before it is aggregated into NetFlow data. This method better simulates real-world conditions, where traffic is captured and processed dynamically. We implement traditional adversarial attacks that apply the Fast Gradient Sign Method directly to NetFlow data and compare them with the realistic scenario of infecting raw PCAP traffic. The main goal is to determine whether such adversarial attacks maintain the same effectiveness when performed on real traffic. Experimental results demonstrate that the realistic approach maintains the integrity and functionality of network traffic and still manages to affect NIDS performance.
---
Disclaimer:
This is a preprint version of the article.
The content here is for view-only purposes. This is not the final published version and may differ from the version of record.
Please refer to the official version for citation and authoritative use.
Files
ZENODO__The_Evaluation_of_Adversarial_Attacks_Against_ML_powered_NIDS_in_a_Realistic_Scenario.pdf (109.9 kB)
md5:fcfc595bc4cda8c84a90b14fc36baac7