Adversarial Traffic Detection Method Based on Ensemble Learning and Anomaly Detection
China Scientific Data. Updated 2026-02-09. Indexed 2026-04-25.
Download link:
https://www.sciengine.com/AA/doi/10.19678/j.issn.1000-3428.0069846
Resource description:
In recent years, deep learning has been increasingly used for malicious traffic detection. However, adversarial example attacks pose a challenge to deep learning-based malicious traffic detection. To address this problem, this study proposes an adversarial traffic detection method based on ensemble learning and anomaly detection to detect adversarial example attacks against malicious traffic detection. First, a binary ensemble learner is trained for each malicious traffic category. Each base model is trained on different data and feature subsets, which increases the differences between the base models and makes it harder for an adversarial example to cross the decision boundaries of all models. Second, the proportion of base models that predict the input sample as normal traffic is used as the confidence score of the ensemble learner; the confidence scores from the different binary ensemble learners are then input into an isolation forest model, which performs anomaly detection to produce an anomaly score. Finally, the anomaly score is compared with the anomaly score threshold obtained for normal examples to determine whether the example is adversarial. The experimental results show that the proposed method achieves the highest Area Under the Receiver Operating Characteristic Curve (AUC) values of 0.9869 and 0.9896 in the feature and restricted spaces, respectively, of the NSL-KDD dataset, and 0.9991 and 0.9998 in the same spaces, respectively, of the CICIDS2017 dataset, which are better than those obtained using the comparative method.
Created:
2026-02-09



