Please use this identifier to cite or link to this item: https://hdl.handle.net/2440/139862
Type: Thesis
Title: Towards Robust Machine Learning-based Cybersecurity: Investigating Adversarial Evasion Attacks in Data Exfiltration Systems
Author: Sabir, Bushra
Issue Date: 2023
School/Discipline: School of Computer and Mathematical Sciences
Abstract: In 2020, cyberattacks ranked fifth among security risks linked to digitalization in businesses, with their prevalence rising across public and private sectors. This escalation continues in 2023 and is projected to double by 2025. Data Exfiltration (DE), a sophisticated cyberattack, has become a critical concern, comprising 52% of security incidents from 2021 to 2023. DE involves unauthorized attempts to steal sensitive data, threatening confidentiality and integrity. Given the complexity of DE attacks, Machine Learning-based Data Exfiltration (MDE) countermeasures have been increasingly adopted for accurate DE detection and mitigation. However, recent research has revealed that ML-based systems are vulnerable to adversarial evasion attacks designed to cause misclassification. Despite substantial research into adversarial evasion attacks in various domains, their prevalence and impact on MDE defences have not been adequately studied. Nevertheless, MDE evasion can lead to successful data breaches and, consequently, reputation and financial losses. Therefore, it is essential to examine this aspect to strengthen the robustness of MDE countermeasures comprehensively and effectively. This thesis aims to enhance the robustness of MDE countermeasures against adversarial evasion attacks, contributing to ML and cybersecurity. First, a Systematic Literature Review (SLR) is conducted to understand the design and development processes of MDE systems, identifying their methods, strengths, limitations, and constraints. One significant challenge discovered through the SLR is the lack of adversarial evaluation in these systems, hindering their practical applicability and reliability. Consequently, two frameworks, namely URLBUG and ReinforceBug, are proposed to address this challenge. 
URLBUG and ReinforceBug frameworks assess the robustness of two popular MDE countermeasures: Machine Learning-based Phishing URL detectors (MLPU) and Context-Inspection-based MDE (CMDE) defences. The methodological core of these frameworks revolves around generating adversarial examples, effectively simulating realistic evasion attacks, and systematically evaluating the robustness of the targeted MDE systems. The findings of this evaluation reveal significant security vulnerabilities in these systems and highlight the need for robust and trustworthy MDE solutions. Based on these findings, this thesis demonstrates methods for designing robust MLPU models and developing a novel human-centric defense mechanism called Explainability-Driven Detection, Identification and Transformation (EDIT) to defend CMDE systems from evasion attacks proactively. The extensive evaluation exhibits the effectiveness of these defence mechanisms in mitigating evasion attacks, providing valuable insights for future research. The thesis serves as a valuable resource and guide for practitioners and researchers in the ML and cybersecurity domain, offering implications for developing trustworthy and robust MDE systems and advancing the field.
Advisor: Abuadbba, Sharif (CSIRO's Data61)
Gaire, Raj (Formerly of CSIRO's Data61, currently in KPMG)
Dissertation Note: Thesis (Ph.D.) -- University of Adelaide, School of Computer and Mathematical Sciences, 2023
Keywords: Adversarial machine learning
Cybersecurity
Natural language processing
Phishing attacks
Evasion
Provenance: This thesis is currently under embargo and not available.
Appears in Collections: Research Theses

Files in This Item:
File: Sabir2023_PhD.pdf (Restricted Access)
Description: Library staff access only.
Size: 35.48 MB
Format: Adobe PDF

