通信学报 ›› 2024, Vol. 45 ›› Issue (4): 73-83.doi: 10.11959/j.issn.1000-436x.2024077

• 学术论文 • 上一篇    下一篇

基于后门攻击的恶意流量逃逸方法

马博文, 郭渊博(), 马骏, 张琦, 方晨   

  1. 信息工程大学密码工程学院,河南 郑州 450001
  • 收稿日期:2023-09-27 修回日期:2024-03-12 出版日期:2024-04-30 发布日期:2024-05-27
  • 通讯作者: 郭渊博 E-mail:yuanbo_g@hotmail.com
  • 作者简介:马博文(1992- ),男,河南驻马店人,信息工程大学助理研究员,主要研究方向为人工智能安全、网络攻防。
    郭渊博(1975- ),男,陕西周至人,博士,信息工程大学教授、博士生导师,主要研究方向为大数据安全、态势感知。
    马骏 (1981- ),男,河北安国人,信息工程大学副教授、硕士生导师,主要研究方向为态势感知、网络攻防。
    张琦 (1983- ),男,河南郑州人,信息工程大学博士生,主要研究方向为数字孪生、态势感知。
    方晨 (1993- ),男,安徽宿松人,博士,信息工程大学讲师,主要研究方向为机器学习、隐私安全。
  • 基金资助:
    国家自然科学基金资助项目(62276091);国家社会科学基金资助项目(2022-SKJJ-B-057)

Escape method of malicious traffic based on backdoor attack

Bowen MA, Yuanbo GUO(), Jun MA, Qi ZHANG, Chen FANG   

  1. Cryptography Engineering Institute, Information Engineering University, Zhengzhou 450001, China
  • Received:2023-09-27 Revised:2024-03-12 Online:2024-04-30 Published:2024-05-27
  • Contact: Yuanbo GUO E-mail:yuanbo_g@hotmail.com
  • Supported by:
    The National Natural Science Foundation of China(62276091);The National Social Science Fund of China(2022-SKJJ-B-057)

摘要:

针对基于深度学习模型的流量分类器,提出了一种利用后门攻击实现恶意流量逃逸的方法。通过在训练过程添加毒化数据将后门植入模型,后门模型将带有后门触发器的恶意流量判定为良性,从而实现恶意流量逃逸;同时对不含触发器的干净流量正常判定,保证了模型后门的隐蔽性。采用多种触发器分别生成不同后门模型,比较了多种恶意流量对不同后门模型的逃逸效果,同时分析了不同后门对模型性能的影响。实验验证了所提方法的有效性,为恶意流量逃逸提供了新的思路。

关键词: 后门攻击, 恶意流量逃逸, 深度学习, 网络流量分类

Abstract:

Launching backdoor attacks against deep learning (DL)-based network traffic classifiers, and a method of malicious traffic escape was proposed based on the backdoor attack. Backdoors were embedded in classifiers by mixing poisoned training samples with clean samples during the training process. These backdoor classifiers then identified the malicious traffic with an attacker-specific backdoor trigger as benign, allowing the malicious traffic to escape. Additionally, backdoor classifiers behaved normally on clean samples, ensuring the backdoor's concealment. Different backdoor triggers were adopted to generate various backdoor models, the effects of different malicious traffic on different backdoor models were compared, and the influence of different backdoors on the model's performance was analyzed. The effectiveness of the proposed method was verified through experiments, providing a new approach for escaping malicious traffic from classifiers.

Key words: backdoor attack, escape of malicious traffic, deep learning, network traffic classification

中图分类号: 

No Suggested Reading articles found!