Adversarial Robustness of Network IDS (Structured Data)

Authors

  • Haedar Ahmed Mukhef, Mustansiriyah University

DOI:

https://doi.org/10.29304/jqcsm.2025.17.42554

Keywords:

Network Intrusion Detection; Adversarial Robustness; Cross-Domain Generalization; Realizability Constraints

Abstract

Network intrusion detection systems (NIDS) trained on tabular flows are vulnerable to constrained evasion, where an attacker perturbs few features while preserving protocol semantics and valid ranges. This paper addresses two gaps: (i) the absence of a standardized, constraint-aware robustness evaluation for tabular NIDS, and (ii) the lack of defenses that remain effective under such realistic, semantics-preserving attacks. We propose a measurement framework that formalizes attacker budgets and constraint sets, instantiates reproducible attacks, and benchmarks models on UNSW-NB15 and BoT-IoT. As a defense, we train a TabTransformer with constraint-respecting adversarial examples and feature tokenization that groups mixed-type attributes. Across both datasets and multiple attack budgets, the adversarially trained TabTransformer consistently outperforms tuned tree-based ensembles under constrained attacks while maintaining competitive clean accuracy. Ablations show robust optimization and tokenization jointly reduce attack success and transferability. Our findings provide practitioners with a concrete, reproducible pathway to deploy attack-aware tabular NIDS and establish a baseline for future robustness studies in operational network environments.

Published

2025-12-30

How to Cite

Haedar Ahmed Mukhef. (2025). Adversarial Robustness of Network IDS (Structured Data). Journal of Al-Qadisiyah for Computer Science and Mathematics, 17(4), Comp 209–224. https://doi.org/10.29304/jqcsm.2025.17.42554

Section

Computer Articles