Modeling Realistic Adversarial Traffic Against Deep-Learning-Based Intrusion Detection System in Industrial IoT

The widely deployment of infrastructure and wireless interfaces increases industrial IoT (IIoT) vulnerability to network intrusions, highlighting the requirements for robust network intrusion detection systems (NIDSs). Although deep learning (DL) provides a promising solution for NIDSs, it remains susceptible to adversarial attacks as minor input perturbations can lead to major misclassifications. In this article, we propose a packet-level adversarial traffic generation (PATG) approach for attacking NIDSs in IIoT, which not only aligns with domain constraints but also evades various DL-based NIDSs. Particularly, we introduce a reversible abstract traffic representation to ensure that the original traffic can be effectively modified while preserving its functionality. We propose a packet-level generative adversarial networks to craft adversarial traffic by learning benign data distribution in feature space and simulating evasion behaviors, which escapes the DL-based NIDSs. We further design two defense schemes to enhance system resilience against proposed adversarial attacks. We evaluate PATG on nine state-of-the-art DL-based NIDSs in the Kitsune and CICIoT23 datasets. Experimental results demonstrate that PATG can achieve a maximum evasion increase rate of 99% with cost-effective execution, while the defense methods significantly mitigate the impact of the adversarial attacks.