Botnet detection based on machine learning have witnessed significant leaps in recent years, with the availability of large and reliable datasets that are extracted from real-life scenarios. Consequently, adversarial attacks on machine learning-based cybersecurity systems are posing a significant threat to the practicality of these solutions. In this paper, we introduce a novel attack that utilizes machine learning model's explainability in evading detection by botnet detection systems. The proposed attack utilizes information obtained from model's explainability to build adversarial samples that can evade detection in a blackbox setting. The proposed attack was tested on a trained IoT botnet detection systems and was capable of bypassing the botnet detection with 0% detection by altering one feature only to generate the adversarial samples.

翻译：基于机器学习的僵尸网络检测近年来取得了显著进展，这得益于从真实场景中提取的大规模可靠数据集的可用性。然而，针对机器学习驱动网络安全系统的对抗性攻击正对这些解决方案的实用性构成重大威胁。本文提出了一种新型攻击方法，利用机器学习模型的可解释性来规避僵尸网络检测系统的识别。该攻击通过获取模型可解释性信息，在黑盒环境下构建能够逃避检测的对抗样本。经过训练的物联网僵尸网络检测系统测试表明，所提攻击仅需修改单个特征即可生成对抗样本，使僵尸网络检测率降至0%。