CyberForce: A Federated Reinforcement Learning Framework for Malware
Mitigation
- URL: http://arxiv.org/abs/2308.05978v2
- Date: Fri, 8 Sep 2023 09:57:04 GMT
- Title: CyberForce: A Federated Reinforcement Learning Framework for Malware
Mitigation
- Authors: Chao Feng, Alberto Huertas Celdran, Pedro Miguel Sanchez Sanchez, Jan
Kreischer, Jan von der Assen, Gerome Bovet, Gregorio Martinez Perez, Burkhard
Stiller
- Abstract summary: CyberForce is a framework that combines Federated and Reinforcement Learning (FRL) to learn suitable MTD techniques for mitigating zero-day attacks.
Experiments show that CyberForce learns the MTD technique mitigating each attack faster than existing RL-based centralized approaches.
Different aggregation algorithms used during the agent learning process provide CyberForce with notable robustness to malicious attacks.
- Score: 6.495840475254741
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Recent research has shown that the integration of Reinforcement Learning (RL)
with Moving Target Defense (MTD) can enhance cybersecurity in
Internet-of-Things (IoT) devices. Nevertheless, the practicality of existing
work is hindered by data privacy concerns associated with centralized data
processing in RL, and by the long training time needed to learn the right MTD
techniques that are effective against a growing number of heterogeneous zero-day
attacks. Thus, this work presents CyberForce, a framework that combines
Federated and Reinforcement Learning (FRL) to collaboratively and privately
learn suitable MTD techniques for mitigating zero-day attacks. CyberForce
integrates device fingerprinting and anomaly detection to reward or penalize
MTD mechanisms chosen by an FRL-based agent. The framework has been deployed
and evaluated in a scenario consisting of ten physical devices of a real IoT
platform affected by heterogeneous malware samples. A series of experiments has
demonstrated that CyberForce learns the MTD technique mitigating each attack
faster than existing RL-based centralized approaches. In addition, when various
devices are exposed to different attacks, CyberForce benefits from knowledge
transfer, leading to enhanced performance and reduced learning time in
comparison to recent works. Finally, different aggregation algorithms used
during the agent learning process provide CyberForce with notable robustness to
malicious attacks.
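A minimal sketch of the FRL loop the abstract describes: each device runs a local RL agent whose reward comes from an anomaly detector, and a server periodically averages the agents' network weights. The environment interface, dimensions, and hyperparameters are illustrative assumptions, not the paper's actual implementation.

```python
# Illustrative sketch of the FRL idea: per-device DQN-style agents pick MTD
# techniques, are rewarded when the anomaly detector reports the attack as
# mitigated, and a server averages their weights (FedAvg). The device_env
# interface, sizes, and hyperparameters are assumptions.
import copy
import random
import torch
import torch.nn as nn

N_MTD = 4          # number of MTD techniques the agent can choose from (assumed)
STATE_DIM = 8      # size of the device-fingerprint feature vector (assumed)

def make_qnet():
    return nn.Sequential(nn.Linear(STATE_DIM, 32), nn.ReLU(), nn.Linear(32, N_MTD))

def local_update(qnet, device_env, steps=50, eps=0.2, lr=1e-3):
    """One round of local Q-learning on a single IoT device."""
    opt = torch.optim.Adam(qnet.parameters(), lr=lr)
    state = device_env.fingerprint()                 # current behavioral fingerprint
    for _ in range(steps):
        if random.random() < eps:                    # epsilon-greedy exploration
            action = random.randrange(N_MTD)
        else:
            action = qnet(state).argmax().item()
        # Reward is +1 if the anomaly detector says the MTD mitigated the
        # attack, -1 otherwise (the paper's reward scheme may be richer).
        next_state, reward = device_env.apply_mtd(action)
        target = reward + 0.9 * qnet(next_state).max().detach()
        loss = (qnet(state)[action] - target) ** 2
        opt.zero_grad(); loss.backward(); opt.step()
        state = next_state
    return qnet.state_dict()

def fedavg(state_dicts):
    """Server-side aggregation: plain parameter averaging."""
    avg = copy.deepcopy(state_dicts[0])
    for key in avg:
        avg[key] = torch.stack([sd[key].float() for sd in state_dicts]).mean(0)
    return avg
```

The abstract's robustness claim corresponds to swapping plain averaging for a robust aggregation rule (e.g., a coordinate-wise median) in the server step.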
Related papers
- A Hybrid Training-time and Run-time Defense Against Adversarial Attacks in Modulation Classification [35.061430235135155]
We propose a defense mechanism that combines training-time and run-time techniques to protect machine learning-based radio signal (modulation) classification against adversarial attacks.
Considering a white-box scenario and real datasets, we demonstrate that our proposed techniques outperform existing state-of-the-art technologies.
arXiv Detail & Related papers (2024-07-09T12:28:38Z)
- Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model for Intrusion Detection Systems (IDS).
FLEKD enables a more flexible aggregation method than conventional model fusion techniques.
Experimental results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
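The "more flexible aggregation" refers to distilling an ensemble of client models into the shared model instead of averaging weights. A minimal sketch of that general idea, not FLEKD's actual procedure; the transfer set and temperature are assumptions.

```python
# Illustrative ensemble-distillation aggregation: the server averages the
# clients' soft predictions on an unlabeled transfer set and trains the
# global model to match them, instead of averaging client weights.
# Not the exact FLEKD procedure; names and hyperparameters are assumptions.
import torch
import torch.nn.functional as F

def distill_aggregate(global_model, client_models, transfer_loader,
                      temperature=3.0, epochs=1, lr=1e-3):
    opt = torch.optim.Adam(global_model.parameters(), lr=lr)
    for _ in range(epochs):
        for x, _ in transfer_loader:              # labels unused: distillation only
            with torch.no_grad():                 # ensemble teacher: mean soft predictions
                teacher = torch.stack(
                    [F.softmax(m(x) / temperature, dim=-1) for m in client_models]
                ).mean(0)
            student = F.log_softmax(global_model(x) / temperature, dim=-1)
            loss = F.kl_div(student, teacher, reduction="batchmean")
            opt.zero_grad(); loss.backward(); opt.step()
    return global_model
```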
arXiv Detail & Related papers (2024-01-22T14:16:37Z)
- Untargeted White-box Adversarial Attack with Heuristic Defence Methods in Real-time Deep Learning based Network Intrusion Detection System [0.0]
In Adversarial Machine Learning (AML), malicious actors aim to fool Machine Learning (ML) and Deep Learning (DL) models into producing incorrect predictions.
AML is an emerging research domain, and the in-depth study of adversarial attacks has become a necessity.
We implement four powerful adversarial attack techniques, namely the Fast Gradient Sign Method (FGSM), the Jacobian-based Saliency Map Attack (JSMA), Projected Gradient Descent (PGD), and Carlini & Wagner (C&W), against the NIDS.
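Of the four attacks listed, FGSM is the simplest to show: one gradient step in the direction that maximizes the loss. A standard implementation; the epsilon value and the model/loss arguments are placeholders.

```python
# Standard Fast Gradient Sign Method (FGSM): a single gradient step clipped
# to a small L-infinity budget. For NIDS features, the result would normally
# also be clamped to valid feature ranges.
import torch

def fgsm(model, loss_fn, x, y, eps=0.03):
    x_adv = x.clone().detach().requires_grad_(True)
    loss = loss_fn(model(x_adv), y)
    loss.backward()
    # Perturb each feature by +/- eps according to the gradient's sign.
    return (x_adv + eps * x_adv.grad.sign()).detach()
```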
arXiv Detail & Related papers (2023-10-05T06:32:56Z)
- Avoid Adversarial Adaption in Federated Learning by Multi-Metric Investigations [55.2480439325792]
Federated Learning (FL) facilitates decentralized machine learning model training, preserving data privacy, lowering communication costs, and boosting model performance through diversified data sources.
However, FL is vulnerable to poisoning attacks that undermine model integrity through both untargeted performance degradation and targeted backdoors.
We define a new notion of strong adaptive adversaries, capable of adapting to multiple objectives simultaneously.
MESAS is the first defense robust against strong adaptive adversaries, effective in real-world data scenarios, with an average overhead of just 24.37 seconds.
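The multi-metric idea can be illustrated by screening client updates on several statistics at once, so an adaptive adversary must evade all of them simultaneously. This toy filter only conveys the concept; the two metrics shown are not the metrics MESAS actually uses.

```python
# Toy multi-metric screen for client updates: an update is kept only if it
# passes *every* metric. The two metrics here (L2 norm, cosine similarity
# to the coordinate-wise median update) are illustrative assumptions.
import torch

def screen_updates(updates, norm_cap=5.0, cos_floor=0.0):
    flat = torch.stack([torch.cat([p.flatten() for p in u]) for u in updates])
    median = flat.median(dim=0).values
    kept = []
    for i, u in enumerate(flat):
        ok_norm = u.norm() <= norm_cap
        ok_cos = torch.cosine_similarity(u, median, dim=0) >= cos_floor
        if ok_norm and ok_cos:
            kept.append(updates[i])
    return kept
```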
arXiv Detail & Related papers (2023-06-06T11:44:42Z)
- Adversarial attacks and defenses on ML- and hardware-based IoT device fingerprinting and identification [0.0]
This work proposes an LSTM-CNN architecture based on hardware performance behavior for individual device identification.
Previous techniques have been compared with the proposed architecture using a hardware performance dataset collected from 45 Raspberry Pi devices.
Adversarial training and model distillation defense techniques are selected to improve the model's resilience to evasion attacks.
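A minimal LSTM-CNN of the kind the summary describes, classifying a window of hardware-performance readings into one of the 45 devices. Only the device count comes from the summary; the layer sizes and feature count are assumptions.

```python
# Minimal LSTM-CNN for device identification from hardware-performance time
# series: 1-D convolutions extract local patterns, an LSTM summarizes the
# sequence, and a linear head classifies among the devices.
import torch
import torch.nn as nn

class LSTMCNNFingerprinter(nn.Module):
    def __init__(self, n_features=10, n_devices=45):
        super().__init__()
        self.conv = nn.Sequential(
            nn.Conv1d(n_features, 32, kernel_size=3, padding=1), nn.ReLU(),
            nn.Conv1d(32, 64, kernel_size=3, padding=1), nn.ReLU(),
        )
        self.lstm = nn.LSTM(input_size=64, hidden_size=64, batch_first=True)
        self.head = nn.Linear(64, n_devices)

    def forward(self, x):            # x: (batch, time, features)
        z = self.conv(x.transpose(1, 2)).transpose(1, 2)  # back to (B, T, C)
        _, (h, _) = self.lstm(z)     # final hidden state summarizes the window
        return self.head(h[-1])
```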
arXiv Detail & Related papers (2022-12-30T13:11:35Z)
- RL and Fingerprinting to Select Moving Target Defense Mechanisms for Zero-day Attacks in IoT [0.5172201569251684]
Cybercriminals are moving towards zero-day attacks affecting resource-constrained devices.
Moving Target Defense is a promising approach to mitigate attacks by dynamically altering target attack surfaces.
This paper proposes an online RL-based framework to learn the correct MTD mechanisms for mitigating heterogeneous zero-day attacks in single-board computers (SBCs).
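Without federation, the per-device online loop reduces to a tabular policy over fingerprinted behavior classes; a sketch of that loop, where the MTD names and the fingerprint/anomaly interfaces are hypothetical placeholders.

```python
# Tabular version of the online loop: a Q-table maps each fingerprinted
# behavior class to the estimated success of each MTD mechanism, learned
# from anomaly-detection feedback. Interfaces and MTD names are assumptions.
import random
from collections import defaultdict

MTDS = ["ip_shuffle", "port_hop", "service_restart", "file_relocate"]  # illustrative
Q = defaultdict(lambda: [0.0] * len(MTDS))
counts = defaultdict(lambda: [0] * len(MTDS))

def choose_and_learn(behavior_class, deploy_mtd, is_anomalous, eps=0.3):
    a = (random.randrange(len(MTDS)) if random.random() < eps
         else max(range(len(MTDS)), key=lambda i: Q[behavior_class][i]))
    deploy_mtd(MTDS[a])
    reward = -1.0 if is_anomalous() else 1.0       # mitigated => normal behavior
    counts[behavior_class][a] += 1
    # Incremental mean update of the action-value estimate.
    Q[behavior_class][a] += (reward - Q[behavior_class][a]) / counts[behavior_class][a]
    return MTDS[a]
```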
arXiv Detail & Related papers (2022-12-30T12:15:59Z)
- RelaxLoss: Defending Membership Inference Attacks without Losing Utility [68.48117818874155]
We propose a novel training framework based on a relaxed loss with a more achievable learning target.
RelaxLoss is applicable to any classification model with added benefits of easy implementation and negligible overhead.
Our approach consistently outperforms state-of-the-art defense mechanisms in terms of resilience against MIAs.
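The "more achievable learning target" means training toward a non-zero loss level rather than zero, since the member/non-member loss gap is what MIAs exploit. A flooding-style surrogate that only illustrates this idea; RelaxLoss itself is more involved.

```python
# Illustration of a relaxed, non-zero loss target: while the batch loss is
# above alpha the model descends as usual; once it drops below alpha the
# sign flips and the step pushes the loss back up, so members are never fit
# "too well". A simplified surrogate, not the actual RelaxLoss method.
import torch
import torch.nn.functional as F

def relaxed_loss(logits, targets, alpha=0.5):
    ce = F.cross_entropy(logits, targets)
    # |ce - alpha| + alpha: descends while ce > alpha, ascends once ce < alpha.
    return (ce - alpha).abs() + alpha
```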
arXiv Detail & Related papers (2022-07-12T19:34:47Z)
- Downlink Power Allocation in Massive MIMO via Deep Learning: Adversarial Attacks and Training [62.77129284830945]
This paper considers a regression problem in a wireless setting and shows that adversarial attacks can break the DL-based approach.
We also analyze the effectiveness of adversarial training as a defensive technique in adversarial settings and show that the robustness of DL-based wireless systems against attacks improves significantly.
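In this regression setting, adversarial training amounts to crafting a perturbed input at each step and fitting the model on it. A generic FGSM-based training step; the model, data, and epsilon are placeholders, not the paper's configuration.

```python
# Generic adversarial-training step for a regression model: craft an FGSM
# perturbation against the MSE loss, then update the model on the perturbed
# batch instead of the clean one.
import torch
import torch.nn.functional as F

def adv_train_step(model, opt, x, y, eps=0.01):
    x_adv = x.clone().detach().requires_grad_(True)
    F.mse_loss(model(x_adv), y).backward()
    x_adv = (x_adv + eps * x_adv.grad.sign()).detach()
    opt.zero_grad()
    loss = F.mse_loss(model(x_adv), y)   # fit on the adversarial batch
    loss.backward()
    opt.step()
    return loss.item()
```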
arXiv Detail & Related papers (2022-06-14T04:55:11Z)
- Fixed Points in Cyber Space: Rethinking Optimal Evasion Attacks in the Age of AI-NIDS [70.60975663021952]
We study black-box adversarial attacks on network classifiers.
We argue that attacker-defender fixed points are themselves general-sum games with complex phase transitions.
We show that a continual learning approach is required to study attacker-defender dynamics.
arXiv Detail & Related papers (2021-11-23T23:42:16Z)
- Federated Learning with Unreliable Clients: Performance Analysis and Mechanism Design [76.29738151117583]
Federated Learning (FL) has become a promising tool for training effective machine learning models among distributed clients.
However, low-quality models could be uploaded to the aggregator server by unreliable clients, leading to a degradation or even a collapse of training.
We model these unreliable behaviors of clients and propose a defensive mechanism to mitigate such a security risk.
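One common shape for such a defensive mechanism is to weight each client's update by an estimated reliability, for example the validation loss of its uploaded model on server-held data. A purely illustrative sketch, not the paper's exact design; eval_loss is an assumed helper.

```python
# Illustrative reliability-weighted aggregation: each client's update is
# weighted by how well its uploaded model performs on a small server-side
# validation set, so unreliable uploads contribute less. Generic mechanism,
# not the paper's design.
import copy
import torch

def weighted_aggregate(client_states, eval_loss, temperature=1.0):
    # eval_loss(state_dict) -> validation loss of that client model (assumed helper)
    losses = torch.tensor([eval_loss(sd) for sd in client_states])
    weights = torch.softmax(-losses / temperature, dim=0)   # lower loss => higher weight
    agg = copy.deepcopy(client_states[0])
    for key in agg:
        agg[key] = sum(w * sd[key].float() for w, sd in zip(weights, client_states))
    return agg
```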
arXiv Detail & Related papers (2021-05-10T08:02:27Z)
- Security of Distributed Machine Learning: A Game-Theoretic Approach to Design Secure DSVM [31.480769801354413]
This work aims to develop secure distributed algorithms to protect the learning from data poisoning and network attacks.
We establish a game-theoretic framework to capture the conflicting goals of a learner who uses distributed support vector machines (SVMs) and an attacker who is capable of modifying training data and labels.
The numerical results show that distributed SVMs are prone to failure under different types of attacks, and that the attacks' impact depends strongly on the network structure and attack capabilities.
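The conflicting goals can be written as a minimax problem. A generic formulation of an SVM under training-data poisoning; the perturbation set and norm bound are assumptions, not the paper's exact game.

```latex
% Generic learner-attacker minimax: the learner picks (w, b) to minimize the
% regularized hinge loss, the attacker picks bounded perturbations \delta_i
% of the training points to maximize it.
\min_{w,\,b}\;\max_{\|\delta_i\|\le \epsilon}\;
\frac{1}{2}\|w\|^2
+ C \sum_{i=1}^{n} \max\bigl(0,\; 1 - y_i\,(w^\top (x_i + \delta_i) + b)\bigr)
```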
arXiv Detail & Related papers (2020-03-08T18:54:17Z)
This list is automatically generated from the titles and abstracts of the papers on this site.