Triggerability of Backdoor Attacks in Multi-Source Transfer Learning-based Intrusion Detection

Network-based Intrusion Detection Systems (NIDSs) automate monitoring of events in networks and analyze them for signatures of cyberattacks. With the advancement of machine learning algorithms, more organizations started using machine learning based IDSs (ML-IDSs) to identify and mitigate cyberattacks. However, the lack of training datasets is a major challenge when implementing ML-IDSs. Therefore, using training data from external sources or transfer learning models are some solutions to overcome this challenge. However, using training data from external sources introduces the risk of backdoored datasets, specifically, when the adversaries also have background knowledge on data sources inside the target organization. This work investigates the role of backdoor attacks on intrusion detection techniques trained using multi-source data. The backdoor examples are injected into one or more training data sources. Transfer learning models are then created by projecting data from different sources into a new subspace containing all source data. The backdoor is then triggered in the target data. An anomaly-based intrusion detection classifier is applied to examine the effectiveness of the introduced backdoors. The results have shown that backdoor attacks on multis-source transfer learning models are feasible, although having less impact compared to backdoors on traditional machine learning models.