University of Twente Student Theses
Adversarial Machine Learning Attacks against DeepCASE
Stoev, M.T. (2025) Adversarial Machine Learning Attacks against DeepCASE.
Abstract: | DeepCASE is a deep-learning-based system that aims to reduce the workload of security analysts who operate in Security Operation Centers (SOC) by semi-automatically triaging security events. Given that DeepCASE aids a SOC in detecting adversaries, DeepCASE itself becomes an attack surface. This research investigates which components of DeepCASE are susceptible to attacks and to what extent these attacks can be effective. It shows how DeepCASE’s performance can be lowered by slightly modifying the input so that the sequence is misclassified. This attack specifically targets the Context Builder so that it makes incorrect predictions, forcing the security operator to intervene. The attack is an adaptation of the Basic Iterative Method (BIM), an evasion attack traditionally used for images. It is tested on the HDFS dataset and the Intrusion Detection Evaluation Dataset, showing an Attack Success Rate (ASR) of 62.82% and 93.83%. |
Item Type: | Essay (Master) |
Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
Subject: | 54 computer science |
Programme: | Computer Science MSc (60300) |
Link to this item: | https://purl.utwente.nl/essays/106269 |