Mitigating Evasion Attacks and Minimizing False Positives in Ann Via Adversarial Noise Injection
No Thumbnail Available
Date
2026-02
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Addis Ababa University
Abstract
Intrusion Detection Systems (IDS) is important in ensuring computer networks are not subjected to cyber threats. Nevertheless, adversarial evasion attacks are resistant to artificial neural networks that drive most of the contemporary IDS. Minor and strategically determined perturbations obtained through the algorithms like Fast Gradient Sign Method and Projected Gradient Descent may be used to alter the characteristics of network traffic to make a model wrongly label malicious activity as normal. This is a critical security threat, and attackers will be able to evade detection measures without a major change in traffic patterns. This thesis presented a new resilient ANN model that is trained with adaptive noise injection to achieve high levels of robustness against adversarial attacks with a low false positive rate. The proposed model was incorporated into SNORT intrusion detection system and tested by CIC-IDS2017 data under a clean and adversarial traffic. It was experimentally discovered that the proposed model with 99.85 percent detection accuracy, robustness against FGSM and PGD attacks and low false positive ratio of 0.15 percent appeared over 2.27 million samples. The resilient model showed a better stability when subjected to adversarial conditions and overall high performance in comparison with the baseline ANN and original SNORT ML model. These findings confirm that the adaptive noise injection provides a practical and effective solution for deploying adversarialresilient intrusion detection systems in real-world environments.
Description
Keywords
Intrusion Detection system, SNORT, FGSM, PGD, ANN, Adaptive Noise Injection