Deep learning based intrusion detection systems (DL-based IDS) have emerged as one of the best choices for providing security solutions against various network intrusion attacks. However, due to the emergence and development of adversarial deep learning technologies, it becomes challenging for the adoption of DL models into IDS. In this paper, we propose a novel IDS architecture that can enhance the robustness of IDS against adversarial attacks by combining conventional machine learning (ML) models and Deep Learning models. The proposed DLL-IDS consists of three components: DL-based IDS, adversarial example (AE) detector, and ML-based IDS. We first develop a novel AE detector based on the local intrinsic dimensionality (LID). Then, we exploit the low attack transferability between DL models and ML models to find a robust ML model that can assist us in determining the maliciousness of AEs. If the input traffic is detected as an AE, the ML-based IDS will predict the maliciousness of input traffic, otherwise the DL-based IDS will work for the prediction. The fusion mechanism can leverage the high prediction accuracy of DL models and low attack transferability between DL models and ML models to improve the robustness of the whole system. In our experiments, we observe a significant improvement in the prediction performance of the IDS when subjected to adversarial attack, achieving high accuracy with low resource consumption.

翻译：基于深度学习的入侵检测系统（DL-based IDS）已成为应对各类网络入侵攻击的最佳安全解决方案之一。然而，随着对抗深度学习技术的出现与发展，将深度学习模型应用于入侵检测系统面临严峻挑战。本文提出一种新型入侵检测系统架构，通过融合传统机器学习模型与深度学习模型，增强系统对对抗攻击的鲁棒性。所提出的DLL-IDS包含三个组件：基于深度学习的入侵检测系统、对抗样本检测器以及基于机器学习的入侵检测系统。我们首先基于局部本征维度开发了一种新型对抗样本检测器；其次，利用深度学习模型与机器学习模型之间低攻击迁移性的特性，选取鲁棒性强的机器学习模型辅助判定对抗样本的恶意性。当输入流量被检测为对抗样本时，由基于机器学习的入侵检测系统预测其恶意性；反之则由基于深度学习的入侵检测系统完成预测。该融合机制可兼顾深度学习模型的高预测精度与两类模型间的低攻击迁移性，从而提升整体系统的鲁棒性。实验结果表明，在遭受对抗攻击时，所提入侵检测系统的预测性能显著提升，能够在低资源消耗条件下实现高准确率。