{"id":"https://openalex.org/W7124158022","doi":"https://doi.org/10.1109/icpads67057.2025.11323207","title":"Revealing the Vulnerabilities of Learning-based Network Intrusion Detectors through XAI-guided Adversarial Attack","display_name":"Revealing the Vulnerabilities of Learning-based Network Intrusion Detectors through XAI-guided Adversarial Attack","publication_year":2025,"publication_date":"2025-12-14","ids":{"openalex":"https://openalex.org/W7124158022","doi":"https://doi.org/10.1109/icpads67057.2025.11323207"},"language":null,"primary_location":{"id":"doi:10.1109/icpads67057.2025.11323207","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icpads67057.2025.11323207","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE 31th International Conference on Parallel and Distributed Systems (ICPADS)","raw_type":"proceedings-article"},"type":"conference-paper","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5093779167","display_name":"Shuhua Li","orcid":null},"institutions":[{"id":"https://openalex.org/I37461747","display_name":"Wuhan University","ror":"https://ror.org/033vjfk17","country_code":"CN","type":"education","lineage":["https://openalex.org/I37461747"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shuhua Li","raw_affiliation_strings":["School of Cyber Science and Engineering, Wuhan University,Wuhan,China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyber Science and Engineering, Wuhan University,Wuhan,China","institution_ids":["https://openalex.org/I37461747"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5123003059","display_name":"Ruiying Du","orcid":null},"institutions":[{"id":"https://openalex.org/I37461747","display_name":"Wuhan University","ror":"https://ror.org/033vjfk17","country_code":"CN","type":"education","lineage":["https://openalex.org/I37461747"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ruiying Du","raw_affiliation_strings":["School of Cyber Science and Engineering, Wuhan University,Wuhan,China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyber Science and Engineering, Wuhan University,Wuhan,China","institution_ids":["https://openalex.org/I37461747"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101303390","display_name":"Jiyuan Gu","orcid":null},"institutions":[{"id":"https://openalex.org/I37461747","display_name":"Wuhan University","ror":"https://ror.org/033vjfk17","country_code":"CN","type":"education","lineage":["https://openalex.org/I37461747"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jiyuan Gu","raw_affiliation_strings":["School of Cyber Science and Engineering, Wuhan University,Wuhan,China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyber Science and Engineering, Wuhan University,Wuhan,China","institution_ids":["https://openalex.org/I37461747"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I37461747"],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"8"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.5446000099182129,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.5446000099182129,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.30070000886917114,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12026","display_name":"Explainable Artificial Intelligence (XAI)","score":0.03449999913573265,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.8238999843597412},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.6299999952316284},{"id":"https://openalex.org/keywords/variety","display_name":"Variety (cybernetics)","score":0.5386000275611877},{"id":"https://openalex.org/keywords/intrusion","display_name":"Intrusion","score":0.477400004863739},{"id":"https://openalex.org/keywords/attack-model","display_name":"Attack model","score":0.399399995803833},{"id":"https://openalex.org/keywords/attack-patterns","display_name":"Attack patterns","score":0.3937000036239624}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.8238999843597412},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6908000111579895},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.6299999952316284},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5652999877929688},{"id":"https://openalex.org/C136197465","wikidata":"https://www.wikidata.org/wiki/Q1729295","display_name":"Variety (cybernetics)","level":2,"score":0.5386000275611877},{"id":"https://openalex.org/C158251709","wikidata":"https://www.wikidata.org/wiki/Q354025","display_name":"Intrusion","level":2,"score":0.477400004863739},{"id":"https://openalex.org/C65856478","wikidata":"https://www.wikidata.org/wiki/Q3991682","display_name":"Attack model","level":2,"score":0.399399995803833},{"id":"https://openalex.org/C2780741293","wikidata":"https://www.wikidata.org/wiki/Q4818019","display_name":"Attack patterns","level":3,"score":0.3937000036239624},{"id":"https://openalex.org/C27061796","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion prevention system","level":3,"score":0.3481000065803528},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.3452000021934509},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.31769999861717224},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.30730000138282776},{"id":"https://openalex.org/C94915269","wikidata":"https://www.wikidata.org/wiki/Q1834857","display_name":"Detector","level":2,"score":0.2825999855995178},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.2766999900341034},{"id":"https://openalex.org/C2781317605","wikidata":"https://www.wikidata.org/wiki/Q7832483","display_name":"Traffic analysis","level":2,"score":0.26460000872612}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icpads67057.2025.11323207","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icpads67057.2025.11323207","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE 31th International Conference on Parallel and Distributed Systems (ICPADS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.4343627393245697,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G7190107793","display_name":null,"funder_award_id":"2022YFB3103300","funder_id":"https://openalex.org/F4320335777","funder_display_name":"National Key Research and Development Program of China"}],"funders":[{"id":"https://openalex.org/F4320335777","display_name":"National Key Research and Development Program of China","ror":null}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":31,"referenced_works":["https://openalex.org/W2026258420","https://openalex.org/W2180612164","https://openalex.org/W2516809705","https://openalex.org/W2783741806","https://openalex.org/W2889836475","https://openalex.org/W2945748508","https://openalex.org/W2963197901","https://openalex.org/W2963857521","https://openalex.org/W2984717769","https://openalex.org/W3005097670","https://openalex.org/W3009195050","https://openalex.org/W3014732532","https://openalex.org/W3021219025","https://openalex.org/W3082830450","https://openalex.org/W3093410479","https://openalex.org/W3115360974","https://openalex.org/W3119693685","https://openalex.org/W3165205057","https://openalex.org/W3180062783","https://openalex.org/W3204683301","https://openalex.org/W4210598630","https://openalex.org/W4225150645","https://openalex.org/W4285729166","https://openalex.org/W4313591247","https://openalex.org/W4386840513","https://openalex.org/W4396982193","https://openalex.org/W4399563768","https://openalex.org/W4402546950","https://openalex.org/W4403914904","https://openalex.org/W4406611343","https://openalex.org/W4414153534"],"related_works":[],"abstract_inverted_index":{"The":[0],"application":[1],"of":[2,50,90],"learning-based":[3,78],"Network":[4],"Intrusion":[5],"Detection":[6],"System":[7],"(NIDS)":[8],"has":[9],"yielded":[10],"remarkable":[11],"performance":[12],"in":[13,140],"identifying":[14],"cyberattacks":[15],"within":[16],"network":[17],"traffic.":[18],"Despite":[19],"the":[20,40,88,108],"superiority,":[21],"these":[22],"systems":[23],"are":[24],"susceptible":[25],"to":[26,38,85,95],"Adversarial":[27],"Example":[28],"(AE)":[29],"attacks,":[30],"where":[31],"an":[32],"attacker":[33],"perturbs":[34],"malicious":[35],"traffic":[36,92,111],"samples":[37],"mislead":[39],"model":[41],"into":[42],"classifying":[43],"them":[44],"as":[45],"benign.":[46],"Although":[47],"a":[48,72,132],"variety":[49],"AE":[51,74,104],"attack":[52,65,75,147],"strategies":[53],"have":[54],"been":[55],"proposed,":[56],"they":[57],"generally":[58],"suffer":[59],"from":[60,114],"large":[61],"perturbations":[62],"and":[63,102,119],"limited":[64],"transferability.":[66,148],"In":[67],"this":[68],"work,":[69],"we":[70],"propose":[71],"novel":[73],"framework":[76,130],"against":[77],"NIDS,":[79],"leveraging":[80],"eXplainable":[81],"Artificial":[82],"Intelligence":[83],"(XAI)":[84],"efficiently":[86],"guide":[87],"generation":[89,105],"adversarial":[91],"examples.":[93],"Compared":[94],"existing":[96],"baselines,":[97],"our":[98,129],"approach":[99],"achieves":[100,131],"efficient":[101],"targeted":[103],"by":[106],"perturbing":[107],"most":[109],"influential":[110],"features":[112],"derived":[113],"SHapley":[115],"Additive":[116],"exPlanations":[117],"(SHAP)":[118],"Local":[120],"Interpretable":[121],"Modelagnostic":[122],"Explanations":[123],"(LIME).":[124],"Experimental":[125],"results":[126],"demonstrate":[127],"that":[128],"high":[133],"Attack":[134],"Success":[135],"Rate":[136],"(ASR)":[137],"above":[138],"87.13%":[139],"evading":[141],"detection,":[142],"along":[143],"with":[144],"superior":[145],"crossmodel":[146]},"counts_by_year":[],"updated_date":"2026-07-14T23:27:15.235271","created_date":"2026-01-15T00:00:00"}
