Detection of on-manifold adversarial attacks via latent space transformation

Abstract

Out-of-distribution (OOD) generalization is critical for reliable intrusion detection systems (IDS), yet current methods often falter against stealthy, on-manifold adversarial attacks that mimic ID data. To solve this challenge, we propose a semi-supervised approach that applies an invertible transformation to the latent space and leverages changes in differential entropy to detect OOD samples. Experiments on the KDD99 and X-IIoTID datasets demonstrate that our approach outperforms state-of-the-art defenses, providing enhanced robustness and generalizability for IDS.

Document Type

Journal Article

Date of Publication

7-1-2025

Volume

154

School

Centre for Artificial Intelligence and Machine Learning (CAIML) / School of Science

Publication Unique Identifier

10.1016/j.cose.2025.104431

Copyright

subscription content

Publisher

Elsevier

Comments

Al-Fawa’reh, M., Abu-Khalaf, J., Janjua, N., & Szewczyk, P. (2025). Detection of on-manifold adversarial attacks via latent space transformation. Computers & Security, 154, 104431. https://doi.org/10.1016/j.cose.2025.104431

Share

 
COinS
 

Link to publisher version (DOI)

10.1016/j.cose.2025.104431