Evaluating Network Intrusion Detection Models for Enterprise Security: Adversarial Vulnerability and Robustness Analysis

Vahid Heydari; Kofi Nyarko

doi:10.5220/0013204900003929

Evaluating Network Intrusion Detection Models for Enterprise Security: Adversarial Vulnerability and Robustness Analysis

Vahid Heydari, Kofi Nyarko

2025

Abstract

Machine learning (ML) has become essential for securing enterprise information systems, particularly through its integration in Network Intrusion Detection Systems (NIDS) for monitoring and detecting suspicious activities. Although ML-based NIDS models demonstrate high accuracy in detecting known and novel threats, they remain vulnerable to adversarial attacks—small perturbations in network data that mislead the model into classifying malicious traffic as benign, posing serious risks to enterprise security. This study evaluates the adversarial robustness of two machine learning models—a Random Forest classifier and a Neural Network—trained on the UNSW-NB15 dataset, which represents complex, enterprise-relevant network traffic. We assessed the performance of both models on clean and adversarially perturbed test data, with adversarial samples generated via Projected Gradient Descent (PGD) across multiple epsilon values. Although both models achieved high accuracy on clean data, even minimal adversarial perturbations led to substantial declines in detection accuracy, with the Neural Network model showing a more pronounced degradation compared to the Random Forest. Higher perturbations reduced both models’ performance to near-random levels, highlighting the particular susceptibility of Neural Networks to adversarial attacks. These findings emphasize the need for adversarial testing to ensure NIDS robustness within enterprise systems. We discuss strategies to improve NIDS resilience, including adversarial training, feature engineering, and model interpretability techniques, providing insights for developing robust NIDS capable of maintaining security in enterprise environments.

Download

Paper Citation

in Harvard Style

Heydari V. and Nyarko K. (2025). Evaluating Network Intrusion Detection Models for Enterprise Security: Adversarial Vulnerability and Robustness Analysis. In Proceedings of the 27th International Conference on Enterprise Information Systems - Volume 1: ICEIS; ISBN 978-989-758-749-8, SciTePress, pages 699-708. DOI: 10.5220/0013204900003929

in Bibtex Style

@conference{iceis25,
author={Vahid Heydari and Kofi Nyarko},
title={Evaluating Network Intrusion Detection Models for Enterprise Security: Adversarial Vulnerability and Robustness Analysis},
booktitle={Proceedings of the 27th International Conference on Enterprise Information Systems - Volume 1: ICEIS},
year={2025},
pages={699-708},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013204900003929},
isbn={978-989-758-749-8},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 27th International Conference on Enterprise Information Systems - Volume 1: ICEIS
TI - Evaluating Network Intrusion Detection Models for Enterprise Security: Adversarial Vulnerability and Robustness Analysis
SN - 978-989-758-749-8
AU - Heydari V.
AU - Nyarko K.
PY - 2025
SP - 699
EP - 708
DO - 10.5220/0013204900003929
PB - SciTePress