Volume 18, Number 1

Comparative Analysis of Black-Box Targeted Adversarial Attacks on DL-Based Nids: A Study of C&W and JSMA using CICDDOS2019

  Authors

Aasim Zafar ¹, Tarab Malik ¹ and Sheikh Burhan Ul Haque ², ¹Aligarh Muslim University, India, ²Cluster University of srinagar, India

  Abstract

Deep and machine learning (DL/ML) models are extensively used in cybersecurity for threat detection, particularly in Network Intrusion Detection Systems (NIDS). However, these models remain vulnerable to adversarial attacks, which can significantly compromise their reliability. Among these threats, black-box targeted attacks pose a critical risk, where adversaries craft perturbations to disguise malicious activities, such as DDoS and Botnet traffic, as benign without having direct access to the target model. This study investigates the impact of two advanced adversarial strategies—Carlini & Wagner (C&W) and Jacobian Saliency Map Attack (JSMA)—on ML/DL-based NIDS using the CICDDoS2019 dataset, a widely recognized benchmark for modern cyber threats. The study analysis reveals that C&W reduces classifier accuracy by 31.33% through precise gradient-driven perturbations, while JSMA causes a 26.58% accuracy drop by strategically modifying key network traffic features like flow duration and packet length. Both attacks operate under black-box conditions, demonstrating their effectiveness without prior knowledge of the model’s internal workings. Experiment results observe a trade-off between C&W’s high-precision perturbations and JSMA’s efficiency in feature manipulation, highlighting the evolving nature of adversarial threats in cybersecurity. These findings underscore the urgent need to reassess the robustness of ML/DL-based NIDS and develop more resilient defense mechanisms.

  Keywords

Adversarial attacks, Network intrusion detection, Black-box evasion, Targeted attacks, CICDDoS2019.