Detection of on-manifold adversarial attacks via latent space transformation

Authors

Mohmmad Al-Fawa'reh, Edith Cowan UniversityFollow
Jumana Abu-khalaf, Edith Cowan UniversityFollow
Naeem Janjua, Edith Cowan UniversityFollow
Patryk Szewczyk, Edith Cowan UniversityFollow

Author Identifier

Mohmmad Al-Fawa'reh: https://orcid.org/0000-0002-5621-4126

Jumana Abu-khalaf: https://orcid.org/0000-0002-6651-2880

Naeem Janjua: https://orcid.org/0000-0003-0483-8196

Patryk Szewczyk: https://orcid.org/0000-0003-3040-9344

Document Type

Journal Article

Publication Title

Computers and Security

Volume

154

Publisher

Elsevier

School

Centre for Artificial Intelligence and Machine Learning (CAIML) / School of Science

Publication Unique Identifier

10.1016/j.cose.2025.104431

Comments

Al-Fawa’reh, M., Abu-Khalaf, J., Janjua, N., & Szewczyk, P. (2025). Detection of on-manifold adversarial attacks via latent space transformation. Computers & Security, 154, 104431. https://doi.org/10.1016/j.cose.2025.104431

Abstract

Out-of-distribution (OOD) generalization is critical for reliable intrusion detection systems (IDS), yet current methods often falter against stealthy, on-manifold adversarial attacks that mimic ID data. To solve this challenge, we propose a semi-supervised approach that applies an invertible transformation to the latent space and leverages changes in differential entropy to detect OOD samples. Experiments on the KDD99 and X-IIoTID datasets demonstrate that our approach outperforms state-of-the-art defenses, providing enhanced robustness and generalizability for IDS.

DOI

10.1016/j.cose.2025.104431

Access Rights

subscription content