The escalating sophistication of cyberattacks has encouraged the integration of machine learning techniques in intrusion detection systems, but the rise of adversarial examples presents a significant challenge. These crafted perturbations mislead ML models, enabling attackers to evade detection or trigger false alerts. In response, adversarial purification has emerged as a compelling solution, particularly with diffusion models showing promising results. However, their purification potential remains unexplored in the context of intrusion detection. This paper demonstrates the effectiveness of diffusion models in purifying adversarial examples in network intrusion detection. Through a comprehensive analysis of the diffusion parameters, we identify optimal configurations that maximize adversarial robustness with minimal impact on normal performance. Importantly, this study reveals insights into the relationship between diffusion noise and diffusion steps, representing a novel contribution to the field. Our experiments are carried out on two datasets and against five adversarial attacks. The implementation code is publicly available.