Securing Intrusion Detection Systems in IoT Networks Against Adversarial Learning: A Moving Target Defense Approach based on Reinforcement Learning

Abstract

Investigating the use of moving target defense (MTD) mechanisms in IoT networks is ongoing research, with unfathomable potential to equip IoT devices and networks with the ability to fend off cyber attacks despite the computational deficiencies many IoT ecosystems typically have. The AI community has extensively studied adversarial threats and attacks on machine learning-based systems, emphasizing the need to address the potential compromise of anomaly-based intrusion detection systems (IDS) through adversarial attacks. Another concept that has gained significant attention in the networking community is Game Theory. Protecting any given network is almost a never-ending battle between the attacker and defender, and hence a natural game of competitors can be modelled based on one’s parametric specifications to gain more insight into how attackers might interact with one’s system. The goal of this thesis is to propose a comprehensive, experimentally verifiable game-theoretic model of MTD in IoT networks to secure the IDS against adversarial attacks. Once a game with state transitions based on given actions can be modelled, reinforcement learning is used to develop policies based on various episodes (rounds) of the game, ultimately optimizing network decisions to minimize successful attacks on machine learning-based IDS. The state-of-the-art ToN-IoT dataset was investigated for MTD feasibility to implement the feature-based MTD approach. The overall performance of the proposed MTD-based IDS was compared to a conventional IDS by analyzing the accuracy curve of the MTD-based IDS and the conventional IDS for varying attacker success rates and resource demands. Our approach has proven effective in securing the IDS against adversarial learning.