The growing integration of UAVs into civilian airspace underscores the need for resilient and intelligent intrusion detection systems (IDS), as traditional anomaly detection methods often fail to identify novel threats. A common approach treats unfamiliar attacks as out-of-distribution (OOD) samples; however, this leaves systems vulnerable when mitigation is inadequate. Moreover, conventional OOD detectors struggle to distinguish stealthy adversarial attacks from genuine OOD events. This paper introduces a conditional generative adversarial network (cGAN)-based framework for crafting stealthy adversarial attacks that evade IDS mechanisms. We first design a robust multi-class IDS classifier trained on benign UAV telemetry and known cyber-attacks, including Denial of Service (DoS), false data injection (FDI), man-in-the-middle (MiTM), and replay attacks. Using this classifier, our cGAN perturbs known attacks to generate adversarial samples that misclassify as benign while retaining statistical resemblance to OOD distributions. These adversarial samples are iteratively refined to achieve high stealth and success rates. To detect such perturbations, we implement a conditional variational autoencoder (CVAE), leveraging negative log-likelihood to separate adversarial inputs from authentic OOD samples. Comparative evaluation shows that CVAE-based regret scores significantly outperform traditional Mahalanobis distance-based detectors in identifying stealthy adversarial threats. Our findings emphasize the importance of advanced probabilistic modeling to strengthen IDS capabilities against adaptive, generative-model-based cyber intrusions.

翻译：随着无人机在民用空域的日益普及，对鲁棒且智能的入侵检测系统（IDS）的需求愈发迫切，因为传统的异常检测方法往往无法识别新型威胁。一种常见方法将未知攻击视为分布外（OOD）样本；然而，当缓解措施不足时，这种方法会使系统面临风险。此外，传统的OOD检测器难以区分隐蔽的对抗性攻击与真实的OOD事件。本文提出了一种基于条件生成对抗网络（cGAN）的框架，用于构建能够规避IDS机制的隐蔽对抗攻击。我们首先设计了一个鲁棒的多类IDS分类器，该分类器基于良性无人机遥测数据和已知网络攻击（包括拒绝服务攻击（DoS）、虚假数据注入（FDI）、中间人攻击（MiTM）和重放攻击）进行训练。利用该分类器，我们的cGAN通过扰动已知攻击生成对抗样本，这些样本被误分类为良性样本，同时保持与OOD分布的统计相似性。这些对抗样本经过迭代优化，以实现高隐蔽性和高成功率。为了检测此类扰动，我们实现了一个条件变分自编码器（CVAE），利用负对数似然来区分对抗性输入与真实的OOD样本。对比评估表明，基于CVAE的遗憾分数在识别隐蔽对抗威胁方面显著优于传统的基于马氏距离的检测器。我们的研究结果强调了先进概率建模对于增强IDS应对基于自适应生成模型的网络入侵能力的重要性。