Adversarial Sample Attack and Defense Method for Encrypted Traffic Data

Resisting the adversarial sample attack on encrypted traffic is a challenging task in the Intelligent Transportation System. This paper focuses on the classification, adversarial samples attack and defense method for the encrypted traffic. To be more specific, the one-dimensional encrypted traffic data is firstly translated into the two-dimensional images for further utilization. Then different classification networks based on the deep learning algorithm are adopted to classify the encrypted traffic data. Moreover, various adversarial sample generation methods are employed to generate the adversarial sample to implement the attacking process on the classification network. Furthermore, the passive and active defense method are proposed to resist the adversarial sample attack: 1) the passive defense is used to denoise the perturbation in the adversarial sample and to restore to the original image; and 2) the active defense is used to resist the adversarial sample attack by leveraging the adversarial training method, which can improve the robustness of the classification network. We conduct the extensive experiments on the ISCXVPN2016 dataset to evaluate the effectiveness of classification, adversarial sample attacking and defending.