{"id":"https://openalex.org/W4416961881","doi":"https://doi.org/10.1109/pst65910.2025.11268880","title":"Temporal-Spatial Feature Modification Attacks Against Machine Learning-Based Network Intrusion Detection Systems","display_name":"Temporal-Spatial Feature Modification Attacks Against Machine Learning-Based Network Intrusion Detection Systems","publication_year":2025,"publication_date":"2025-08-26","ids":{"openalex":"https://openalex.org/W4416961881","doi":"https://doi.org/10.1109/pst65910.2025.11268880"},"language":null,"primary_location":{"id":"doi:10.1109/pst65910.2025.11268880","is_oa":false,"landing_page_url":"https://doi.org/10.1109/pst65910.2025.11268880","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 22nd Annual International Conference on Privacy, Security, and Trust (PST)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Sohini Pillay","orcid":null},"institutions":[{"id":"https://openalex.org/I149919469","display_name":"California Polytechnic State University","ror":"https://ror.org/001gpfp45","country_code":"US","type":"education","lineage":["https://openalex.org/I149919469"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Sohini Pillay","raw_affiliation_strings":["California Polytechnic State University, San Luis Obispo,Department of Computer Science and Software Engineering,San Luis Obispo,CA,USA,93407"],"affiliations":[{"raw_affiliation_string":"California Polytechnic State University, San Luis Obispo,Department of Computer Science and Software Engineering,San Luis Obispo,CA,USA,93407","institution_ids":["https://openalex.org/I149919469"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Eeshan Walia","orcid":null},"institutions":[{"id":"https://openalex.org/I149919469","display_name":"California Polytechnic State University","ror":"https://ror.org/001gpfp45","country_code":"US","type":"education","lineage":["https://openalex.org/I149919469"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Eeshan Walia","raw_affiliation_strings":["California Polytechnic State University, San Luis Obispo,Department of Computer Science and Software Engineering,San Luis Obispo,CA,USA,93407"],"affiliations":[{"raw_affiliation_string":"California Polytechnic State University, San Luis Obispo,Department of Computer Science and Software Engineering,San Luis Obispo,CA,USA,93407","institution_ids":["https://openalex.org/I149919469"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5120681587","display_name":"Christopher Yoeurng","orcid":null},"institutions":[{"id":"https://openalex.org/I149919469","display_name":"California Polytechnic State University","ror":"https://ror.org/001gpfp45","country_code":"US","type":"education","lineage":["https://openalex.org/I149919469"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Christopher Yoeurng","raw_affiliation_strings":["California Polytechnic State University, San Luis Obispo,Department of Computer Science and Software Engineering,San Luis Obispo,CA,USA,93407"],"affiliations":[{"raw_affiliation_string":"California Polytechnic State University, San Luis Obispo,Department of Computer Science and Software Engineering,San Luis Obispo,CA,USA,93407","institution_ids":["https://openalex.org/I149919469"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5035819194","display_name":"Dongfeng Fang","orcid":"https://orcid.org/0000-0003-3735-3005"},"institutions":[{"id":"https://openalex.org/I149919469","display_name":"California Polytechnic State University","ror":"https://ror.org/001gpfp45","country_code":"US","type":"education","lineage":["https://openalex.org/I149919469"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Dongfeng Fang","raw_affiliation_strings":["California Polytechnic State University, San Luis Obispo,Department of Computer Science and Software Engineering,San Luis Obispo,CA,USA,93407"],"affiliations":[{"raw_affiliation_string":"California Polytechnic State University, San Luis Obispo,Department of Computer Science and Software Engineering,San Luis Obispo,CA,USA,93407","institution_ids":["https://openalex.org/I149919469"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5024969203","display_name":"Shengjie Xu","orcid":"https://orcid.org/0000-0003-2019-5186"},"institutions":[{"id":"https://openalex.org/I138006243","display_name":"University of Arizona","ror":"https://ror.org/03m2x1q45","country_code":"US","type":"education","lineage":["https://openalex.org/I138006243"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Shengjie Xu","raw_affiliation_strings":["University of Arizona,College of Information Science,Tucson,Arizona,USA,85721"],"affiliations":[{"raw_affiliation_string":"University of Arizona,College of Information Science,Tucson,Arizona,USA,85721","institution_ids":["https://openalex.org/I138006243"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I149919469"],"apc_list":null,"apc_paid":null,"fwci":1.3852,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.87779137,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.5978999733924866,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.5978999733924866,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.2870999872684479,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10714","display_name":"Software-Defined Networks and 5G","score":0.026599999517202377,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.7678999900817871},{"id":"https://openalex.org/keywords/timestamp","display_name":"Timestamp","score":0.7677000164985657},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.6758999824523926},{"id":"https://openalex.org/keywords/header","display_name":"Header","score":0.6668000221252441},{"id":"https://openalex.org/keywords/byte","display_name":"Byte","score":0.5541999936103821},{"id":"https://openalex.org/keywords/anomaly-based-intrusion-detection-system","display_name":"Anomaly-based intrusion detection system","score":0.513700008392334},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.5027999877929688},{"id":"https://openalex.org/keywords/intrusion-prevention-system","display_name":"Intrusion prevention system","score":0.4618000090122223},{"id":"https://openalex.org/keywords/feature","display_name":"Feature (linguistics)","score":0.43220001459121704}],"concepts":[{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.7678999900817871},{"id":"https://openalex.org/C113954288","wikidata":"https://www.wikidata.org/wiki/Q186885","display_name":"Timestamp","level":2,"score":0.7677000164985657},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7662000060081482},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.6758999824523926},{"id":"https://openalex.org/C48105269","wikidata":"https://www.wikidata.org/wiki/Q1141160","display_name":"Header","level":2,"score":0.6668000221252441},{"id":"https://openalex.org/C43364308","wikidata":"https://www.wikidata.org/wiki/Q8799","display_name":"Byte","level":2,"score":0.5541999936103821},{"id":"https://openalex.org/C137524506","wikidata":"https://www.wikidata.org/wiki/Q2247688","display_name":"Anomaly-based intrusion detection system","level":3,"score":0.513700008392334},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.5027999877929688},{"id":"https://openalex.org/C27061796","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion prevention system","level":3,"score":0.4618000090122223},{"id":"https://openalex.org/C2776401178","wikidata":"https://www.wikidata.org/wiki/Q12050496","display_name":"Feature (linguistics)","level":2,"score":0.43220001459121704},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.42160001397132874},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.39089998602867126},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.38519999384880066},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.37860000133514404},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3695000112056732},{"id":"https://openalex.org/C95362637","wikidata":"https://www.wikidata.org/wiki/Q54366","display_name":"Packet analyzer","level":3,"score":0.367000013589859},{"id":"https://openalex.org/C158251709","wikidata":"https://www.wikidata.org/wiki/Q354025","display_name":"Intrusion","level":2,"score":0.3589000105857849},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.3456000089645386},{"id":"https://openalex.org/C90936777","wikidata":"https://www.wikidata.org/wiki/Q917189","display_name":"Host-based intrusion detection system","level":4,"score":0.3440000116825104},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.33959999680519104},{"id":"https://openalex.org/C12267149","wikidata":"https://www.wikidata.org/wiki/Q282453","display_name":"Support vector machine","level":2,"score":0.31630000472068787},{"id":"https://openalex.org/C2781317605","wikidata":"https://www.wikidata.org/wiki/Q7832483","display_name":"Traffic analysis","level":2,"score":0.3140000104904175},{"id":"https://openalex.org/C111814575","wikidata":"https://www.wikidata.org/wiki/Q550893","display_name":"IP address spoofing","level":5,"score":0.3077999949455261},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.28439998626708984},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.26499998569488525},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.2556999921798706},{"id":"https://openalex.org/C2778012447","wikidata":"https://www.wikidata.org/wiki/Q1034415","display_name":"Scope (computer science)","level":2,"score":0.25519999861717224}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/pst65910.2025.11268880","is_oa":false,"landing_page_url":"https://doi.org/10.1109/pst65910.2025.11268880","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 22nd Annual International Conference on Privacy, Security, and Trust (PST)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":9,"referenced_works":["https://openalex.org/W2587847678","https://openalex.org/W2947296458","https://openalex.org/W2963197901","https://openalex.org/W2969804742","https://openalex.org/W2988465456","https://openalex.org/W2991408690","https://openalex.org/W3173170122","https://openalex.org/W4364361361","https://openalex.org/W4401402968"],"related_works":[],"abstract_inverted_index":{"Network":[0,74],"Intrusion":[1,75],"Detection":[2],"Systems":[3],"(NIDS)":[4],"have":[5,23,38],"been":[6,24,39],"established":[7],"as":[8,99,108,110],"a":[9,66],"valuable":[10],"tool":[11],"for":[12,177],"analyzing":[13],"network":[14,30],"traffic":[15],"to":[16,41,54,103,117,137,162],"identify":[17],"malicious":[18],"activity.":[19],"Machine":[20],"learning":[21,36],"techniques":[22,37,49],"employed":[25],"in":[26,86,140,170],"the":[27,45,71,104,118,121,132,141,144,147,175],"creation":[28],"of":[29,47,96,120,149],"intrusion":[31],"detection":[32],"systems.":[33],"While":[34],"machine":[35],"able":[40],"improve":[42],"NIDS\u2019s":[43,133],"performance,":[44],"use":[46],"such":[48,98],"leaves":[50],"an":[51],"NIDS":[52,78,172],"vulnerable":[53],"adversarial":[55,83,91,184],"example":[56],"attacks.":[57,185],"In":[58],"this":[59,63,159],"paper,":[60],"we":[61],"explore":[62],"vulnerability":[64],"against":[65,181],"NIDS,":[67],"Whisper,":[68],"based":[69],"on":[70],"Kitsune":[72],"Surveillance":[73],"Dataset.":[76],"The":[77],"is":[79],"attacked":[80],"with":[81],"temporal-spatial":[82,183],"examples":[84,92],"generated":[85],"four":[87],"different":[88,94],"ways.":[89],"These":[90,165],"include":[93],"combinations":[95],"modifications,":[97],"adding":[100],"no-op":[101],"bytes":[102],"IPv4":[105],"packet":[106,151],"headers,":[107],"well":[109],"small":[111],"random,":[112],"fixed,":[113],"or":[114],"lossinformed":[115],"perturbations":[116],"timestamp":[119,154],"packet.":[122],"Our":[123],"experiments":[124],"demonstrate":[125],"that":[126],"while":[127],"spatial-only":[128],"modifications":[129],"can":[130,156],"degrade":[131,158],"performance":[134],"by":[135,160],"up":[136,161],"10":[138],"units":[139],"area":[142],"under":[143],"ROC":[145],"curve,":[146],"combination":[148],"loss-informed":[150],"header":[152],"and":[153,173],"modification":[155],"further":[157],"15":[163],"units.":[164],"findings":[166],"highlight":[167],"significant":[168],"vulnerabilities":[169],"ML-based":[171],"suggest":[174],"need":[176],"more":[178],"robust":[179],"defenses":[180],"combined":[182]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2026-04-17T18:11:37.981687","created_date":"2025-12-03T00:00:00"}