Skip to main content
SpringerLink
Log in

XAI to Explore Robustness of Features in Adversarial Training for Cybersecurity

  • Conference paper
  • First Online:
Foundations of Intelligent Systems (ISMIS 2022)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 13515))

Included in the following conference series:

Abstract

Adversarial training is an effective learning approach to harden deep neural models against adversarial examples. In this paper, we explore the accuracy of adversarial training in cybersecurity. In addition, we use an XAI technique to analyze how certain input features may have an effect on decisions yielded with adversarial training giving the security analyst much better insight into robustness of features. Finally, we start the investigation of how XAI can be used for robust features selection within adversarial training in cybersecurity problems.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://www.unb.ca/cic/datasets/maldroid-2020.html.

  2. 2.

    downloads.distrinet-research.be/WTMC2021.

  3. 3.

    https://adversarial-robustness-toolbox.readthedocs.io/.

  4. 4.

    https://github.com/ModelOriented/DALEX.

  5. 5.

    The source code is available at https://github.com/malikalessa/ISMIS.

References

  1. AL-Essa, M., Appice, A.: Dealing with imbalanced data in multi-class network intrusion detection systems using xgboost. In: PKDD/ECML Workshops (2), vol. 1525, pp. 5–21. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-93733-1_1

  2. Andresini, G., Appice, A., Paolo Caforio, F., Malerba, D.: Improving cyber-threat detection by moving the boundary around the normal samples. In: Maleh, Y., Shojafar, M., Alazab, M., Baddi, Y. (eds.) Machine Intelligence and Big Data Analytics for Cybersecurity Applications. SCI, vol. 919, pp. 105–127. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-57024-8_5

    Chapter  Google Scholar 

  3. Andresini, G., Appice, A., Caforio, F.P., Malerba, D., Vessio, G.: Roulette: A neural attention multi-output model for explainable network intrusion detection. Expert Syst. Appl., 117144 (2022)

    Google Scholar 

  4. Andresini, G., Appice, A., Mauro, N.D., Loglisci, C., Malerba, D.: Exploiting the auto-encoder residual error for intrusion detection. In: Proceedings of EuroS &P Workshops 2019, pp. 281–290. IEEE (2019)

    Google Scholar 

  5. Andresini, G., Pendlebury, F., Pierazzi, F., Loglisci, C., Appice, A., Cavallaro, L.: INSOMNIA: towards concept-drift robustness in network intrusion detection. In: Proceedings of AISec@CCS 2021, pp. 111–122. ACM (2021)

    Google Scholar 

  6. Bai, T., Luo, J., Zhao, J., Wen, B., Wang, Q.: Recent advances in adversarial training for adversarial robustness. In: Proceedings of IJCAI 2021, pp. 4312–4321. ijcai.org (2021)

    Google Scholar 

  7. Biecek, P.: DALEX: explainers for complex predictive models in R. J. Mach. Learn. Res. 19(84), 1–5 (2018)

    Google Scholar 

  8. Ceci, M., Appice, A., Loglisci, C., Caruso, C., Fumarola, F., Malerba, D.: Novelty detection from evolving complex data streams with time windows. In: Rauch, J., Raś, Z.W., Berka, P., Elomaa, T. (eds.) ISMIS 2009. LNCS (LNAI), vol. 5722, pp. 563–572. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04125-9_59

    Chapter  Google Scholar 

  9. Demetrio, L., Coull, S.E., Biggio, B., Lagorio, G., Armando, A., Roli, F.: Adversarial exemples: A survey and experimental evaluation of practical attacks on machine learning for windows malware detection. ACM Trans. Priv. Secur. 24(4), 27:1–27:31 (2021)

    Google Scholar 

  10. Engelen, G., Rimmer, V., Joosen, W.: Troubleshooting an intrusion detection dataset: the CICIDS2017 case study. In: IEEE EuroS &P Workshops (2021)

    Google Scholar 

  11. Ferilli, S., De Carolis, B., Pazienza, A., Esposito, F., Redavid, D.: An agent architecture for adaptive supervision and control of smart environments. In: Proceedings of PECCS 2015, pp. 160–167. SciTePress (2015)

    Google Scholar 

  12. Goodfellow, I.J., Shlens, J., Szegedy, C.: Explaining and harnessing adversarial examples. In: 3rd International Conference on Learning Representations, ICLR 2015, Conference Track Proceedings (2015)

    Google Scholar 

  13. Kuppa, A., Le-Khac, N.A.: Adversarial XAI methods in cybersecurity. IEEE Trans. Inf. Forensics Secur. 16, 4924–4938 (2021)

    Article  Google Scholar 

  14. Lakkaraju, H., Kamar, E., Caruana, R., Leskovec, J.: Faithful and customizable explanations of black box models. In: Proceedings of the 2019 AAAI/ACM Conference on AI, Ethics, and Society, pp. 131–138 (2019)

    Google Scholar 

  15. Madry, A., Makelov, A., Schmidt, L., Tsipras, D., Vladu, A.: Towards deep learning models resistant to adversarial attacks. In: 6th International Conference on Learning Representations, ICLR 2018, Conference Track Proceedings (2018)

    Google Scholar 

  16. Mahdavifar, S., Alhadidi, D., Ghorbani, A.A.: Effective and efficient hybrid android malware classification using pseudo-label stacked auto-encoder. J. Netw. Syst. Manag. 30(1), 22 (2022)

    Article  Google Scholar 

  17. Marino, D.L., Wickramasinghe, C.S., Manic, M.: An adversarial approach for explainable AI in intrusion detection systems. In: IECON 2018–44th Annual Conference of the IEEE Industrial Electronics Society, pp. 3237–3243 (2018)

    Google Scholar 

  18. Pierazzi, F., Pendlebury, F., Cortellazzi, J., Cavallaro, L.: Intriguing properties of adversarial ml attacks in the problem space. In: 2020 IEEE Symposium on Security and Privacy (SP), pp. 1332–1349 (2020)

    Google Scholar 

  19. Wang, J.: Adversarial examples in physical world. In: Proceedings of the Thirtieth International Joint Conference on Artificial Intelligence, IJCAI-21, pp. 4925–4926 (2021)

    Google Scholar 

  20. Wang, J., Chang, X., Wang, Y., Rodríguez, R.J., Zhang, J.: LSGAN-AT: enhancing malware detector robustness against adversarial examples. Cybersecurity 4(1), 1–15 (2021). https://doi.org/10.1186/s42400-021-00102-9

    Article  Google Scholar 

  21. Wang, M., Zheng, K., Yang, Y., Wang, X.: An explainable machine learning framework for intrusion detection systems. IEEE Access 8, 73127–73141 (2020)

    Article  Google Scholar 

  22. Warnecke, A., Arp, D., Wressnegger, C., Rieck, K.: Evaluating explanation methods for deep learning in security. In: 2020 IEEE EuroS &P, pp. 158–174. IEEE (2020)

    Google Scholar 

  23. Yin, C., Zhu, Y., Liu, S., Fei, J., Zhang, H.: Enhancing network intrusion detection classifiers using supervised adversarial training. J. Supercomput. 76(9), 6690–6719 (2019). https://doi.org/10.1007/s11227-019-03092-1

    Article  Google Scholar 

Download references

Acknowledgment

The research of Malik AL-Essa is funded by PON RI 2014-2020 - Machine Learning per l’Investigazione di Cyber-minacce e la Cyber-difesa - CUP H98B20000970007. We acknowledge the support of the project “Modelli e tecniche di data science per la analisi di dati strutturati” funded by the University of Bari “Aldo Moro”.

Author information

Authors and Affiliations

  1. Department of Computer Science, University of Bari “Aldo Moro”, Bari, Italy

    Malik AL-Essa, Giuseppina Andresini, Annalisa Appice & Donato Malerba

  2. CINI - Consorzio Interuniversitario Nazionale per l’Informatica, Bari, Italy

    Malik AL-Essa, Giuseppina Andresini, Annalisa Appice & Donato Malerba

Authors
  1. Malik AL-Essa
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Giuseppina Andresini
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Annalisa Appice
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Donato Malerba
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Malik AL-Essa .

Editor information

Editors and Affiliations

  1. Università degli Studi di Bari Aldo Moro, Bari, Italy

    Michelangelo Ceci

  2. Università della Calabria, Rende, Italy

    Sergio Flesca

  3. Università Federico II di Napoli, Naples, Italy

    Elio Masciari

  4. ICAR-CNR, Rende, Italy

    Giuseppe Manco

  5. University of North Carolina, Charlotte, NC, USA

    Zbigniew W. Raś

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

AL-Essa, M., Andresini, G., Appice, A., Malerba, D. (2022). XAI to Explore Robustness of Features in Adversarial Training for Cybersecurity. In: Ceci, M., Flesca, S., Masciari, E., Manco, G., Raś, Z.W. (eds) Foundations of Intelligent Systems. ISMIS 2022. Lecture Notes in Computer Science(), vol 13515. Springer, Cham. https://doi.org/10.1007/978-3-031-16564-1_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-16564-1_12

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-16563-4

  • Online ISBN: 978-3-031-16564-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation