City Research Online

Abstract

The security of Internet of Things (IoT) ecosystems is crucial for maintaining user trust and facilitating widespread adoption. Machine Learning (ML) based Intrusion Detection and Prevention Systems (IDS/IPS) are frequently used to protect IoT networks, yet they are susceptible to adversarial attacks (AAs) and lack formal verifiability of their robustness. It has been demonstrated that meticulously designed AAs can alter the classification of ML-based IDSs, rendering them ineffective and posing risks to lives and physical infrastructure in safety-critical systems. This paper addresses these issues by introducing PROTECTION: a Provably RObust Intrusion DeTECTion system for IoT through recursive delegatION, which combines formal methods with ensemble machine learning. To enhance the robustness of ensemble ML models, we utilise Satisfiability-Modulo-Theory (SMT) to formally verify the classifier’s robustness, ensuring that output probabilities remain outside a thick decision boundary even when small perturbations are applied to the inputs. If a classifier fails to meet this criterion on any training sample, we reassign the training task to other classifiers that are iteratively trained until all samples are trained in accordance with the required property. The efficacy of the final ensemble model is thoroughly tested against various input perturbations and AAs using SMT based formal verification.

Publication Type:	Conference or Workshop Item (Paper)
Additional Information:	This version of the contribution has been accepted for publication, after peer review but is not the Version of Record and does not reflect post-acceptance improvements, or any corrections. The Version of Record will be available online at: https://www.springer.com/gp/computer-science/lncs. Use of this Accepted Version is subject to the publisher’s Accepted Manuscript terms of use https://www.springernature.com/gp/open-research/policies/accepted-manuscript-terms
Publisher Keywords:	Internet-of-Things, Intrusion Detection Systems, Adversarial attacks, Trustworthy Machine learning, Formal Methods
Subjects:	H Social Sciences > HN Social history and conditions. Social problems. Social reform Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Departments:	School of Science & Technology School of Science & Technology > Computer Science
SWORD Depositor:	Symplectic Administrator

Export

Downloads