The integration of machine learning (ML) algorithms into Internet of Things (IoT) applications has introduced significant advantages alongside vulnerabilities to adversarial attacks, especially within IoT-based intrusion detection systems (IDS). While theoretical adversarial attacks have been extensively studied, practical implementation constraints have often been overlooked. This research addresses this gap by evaluating the feasibility of evasion attacks on IoT network-based IDSs, employing a novel black-box adversarial attack. Our study aims to bridge theoretical vulnerabilities with real-world applicability, enhancing understanding and defense against sophisticated threats in modern IoT ecosystems. Additionally, we propose a defense scheme tailored to mitigate the impact of evasion attacks, thereby reinforcing the resilience of ML-based IDSs. Our findings demonstrate successful evasion attacks against IDSs, underscoring their susceptibility to advanced techniques. In contrast, we proposed a defense mechanism that exhibits robust performance by effectively detecting the majority of adversarial traffic, showcasing promising outcomes compared to current state-of-the-art defenses. By addressing these critical cybersecurity challenges, our research contributes to advancing IoT security and provides insights for developing more resilient IDS.

翻译：机器学习算法在物联网应用中的集成带来了显著优势，同时也引入了对抗攻击的脆弱性，尤其是在基于物联网的入侵检测系统中。尽管理论上的对抗攻击已被广泛研究，但实际实施中的约束往往被忽视。本研究通过评估对物联网网络入侵检测系统的规避攻击可行性，采用了一种新颖的黑盒对抗攻击方法，弥补了这一差距。我们的研究旨在连接理论脆弱性与现实世界的适用性，增强对现代物联网生态系统中复杂威胁的理解与防御。此外，我们提出了一种专门设计用于减轻规避攻击影响的防御方案，从而增强基于机器学习的入侵检测系统的韧性。我们的研究结果表明，成功实施了针对入侵检测系统的规避攻击，凸显了其对高级技术的敏感性。相比之下，我们提出的防御机制通过有效检测大多数对抗流量展现出稳健性能，与当前最先进的防御方法相比取得了有前景的结果。通过应对这些关键网络安全挑战，本研究为推进物联网安全做出了贡献，并为开发更具韧性的入侵检测系统提供了见解。