{"id":"https://openalex.org/W7134906699","doi":"https://doi.org/10.48550/arxiv.2603.08901","title":"NetDiffuser: Deceiving DNN-Based Network Attack Detection Systems with Diffusion-Generated Adversarial Traffic","display_name":"NetDiffuser: Deceiving DNN-Based Network Attack Detection Systems with Diffusion-Generated Adversarial Traffic","publication_year":2026,"publication_date":"2026-03-09","ids":{"openalex":"https://openalex.org/W7134906699","doi":"https://doi.org/10.48550/arxiv.2603.08901"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2603.08901","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.08901","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2603.08901","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5113146398","display_name":"Pratyay Kumar","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Kumar, Pratyay","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5128738305","display_name":"Abu Saleh Md Tayeen","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Tayeen, Abu Saleh Md","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5029387062","display_name":"Satyajayant Misra","orcid":"https://orcid.org/0000-0001-7347-984X"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Misra, Satyajayant","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5128718334","display_name":"Huiping Cao","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Cao, Huiping","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5039379744","display_name":"Jiefei Liu","orcid":"https://orcid.org/0009-0006-6159-094X"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Liu, Jiefei","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5058905119","display_name":"Qixu Gong","orcid":"https://orcid.org/0009-0000-1984-0411"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Gong, Qixu","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5045999899","display_name":"Jayashree Harikumar","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Harikumar, Jayashree","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":7,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.722000002861023,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.722000002861023,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.08089999854564667,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.021400000900030136,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.7562000155448914},{"id":"https://openalex.org/keywords/benchmark","display_name":"Benchmark (surveying)","score":0.574400007724762},{"id":"https://openalex.org/keywords/feature","display_name":"Feature (linguistics)","score":0.5307000279426575},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.5228999853134155},{"id":"https://openalex.org/keywords/baseline","display_name":"Baseline (sea)","score":0.4957999885082245},{"id":"https://openalex.org/keywords/categorization","display_name":"Categorization","score":0.47189998626708984},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.4129999876022339},{"id":"https://openalex.org/keywords/component","display_name":"Component (thermodynamics)","score":0.4117000102996826},{"id":"https://openalex.org/keywords/face","display_name":"Face (sociological concept)","score":0.4108999967575073}],"concepts":[{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.7562000155448914},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7458000183105469},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5999000072479248},{"id":"https://openalex.org/C185798385","wikidata":"https://www.wikidata.org/wiki/Q1161707","display_name":"Benchmark (surveying)","level":2,"score":0.574400007724762},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5360999703407288},{"id":"https://openalex.org/C2776401178","wikidata":"https://www.wikidata.org/wiki/Q12050496","display_name":"Feature (linguistics)","level":2,"score":0.5307000279426575},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.5228999853134155},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.49619999527931213},{"id":"https://openalex.org/C12725497","wikidata":"https://www.wikidata.org/wiki/Q810247","display_name":"Baseline (sea)","level":2,"score":0.4957999885082245},{"id":"https://openalex.org/C94124525","wikidata":"https://www.wikidata.org/wiki/Q912550","display_name":"Categorization","level":2,"score":0.47189998626708984},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.4129999876022339},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.4117000102996826},{"id":"https://openalex.org/C2779304628","wikidata":"https://www.wikidata.org/wiki/Q3503480","display_name":"Face (sociological concept)","level":2,"score":0.4108999967575073},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.3946000039577484},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.36739999055862427},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.3434000015258789},{"id":"https://openalex.org/C52622490","wikidata":"https://www.wikidata.org/wiki/Q1026626","display_name":"Feature extraction","level":2,"score":0.3343999981880188},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.32910001277923584},{"id":"https://openalex.org/C58471807","wikidata":"https://www.wikidata.org/wiki/Q327120","display_name":"Receiver operating characteristic","level":2,"score":0.3019999861717224},{"id":"https://openalex.org/C95922358","wikidata":"https://www.wikidata.org/wiki/Q5432725","display_name":"False positive rate","level":2,"score":0.2924000024795532},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.29159998893737793},{"id":"https://openalex.org/C65856478","wikidata":"https://www.wikidata.org/wiki/Q3991682","display_name":"Attack model","level":2,"score":0.29089999198913574},{"id":"https://openalex.org/C12267149","wikidata":"https://www.wikidata.org/wiki/Q282453","display_name":"Support vector machine","level":2,"score":0.2842000126838684},{"id":"https://openalex.org/C67186912","wikidata":"https://www.wikidata.org/wiki/Q367664","display_name":"Data modeling","level":2,"score":0.27709999680519104},{"id":"https://openalex.org/C77052588","wikidata":"https://www.wikidata.org/wiki/Q644307","display_name":"Constant false alarm rate","level":2,"score":0.2639000117778778},{"id":"https://openalex.org/C114809511","wikidata":"https://www.wikidata.org/wiki/Q1412924","display_name":"Flow network","level":2,"score":0.2587999999523163}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2603.08901","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.08901","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2603.08901","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.08901","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[{"score":0.6465470790863037,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Deep":[0],"learning":[1,67],"(DL)-based":[2],"Network":[3],"Intrusion":[4],"Detection":[5],"System":[6],"(NIDS)":[7],"has":[8],"demonstrated":[9],"great":[10],"promise":[11],"in":[12,117,196],"detecting":[13],"malicious":[14],"network":[15,118,127],"traffic.":[16,119],"However,":[17],"they":[18,54],"face":[19],"significant":[20],"security":[21],"risks":[22],"due":[23],"to":[24,27,38,51,69,112,140,174,194,208],"their":[25],"vulnerability":[26],"adversarial":[28,33,45,164],"examples":[29,46],"(AEs).":[30],"Most":[31],"existing":[32],"attacks":[34],"maliciously":[35],"perturb":[36],"data":[37],"maximize":[39],"misclassification":[40],"errors.":[41],"Among":[42],"AEs,":[43],"natural":[44],"(NAEs)":[47],"are":[48],"particularly":[49],"difficult":[50],"detect":[52],"because":[53],"closely":[55],"resemble":[56],"real":[57],"data,":[58],"making":[59],"them":[60],"challenging":[61],"for":[62,78,91,145],"both":[63],"humans":[64],"and":[65,80,162,181],"machine":[66],"models":[68,139],"distinguish":[70],"from":[71],"legitimate":[72],"inputs.":[73],"Creating":[74],"NAEs":[75,93],"is":[76,110,133],"crucial":[77],"testing":[79],"strengthening":[81],"NIDS":[82,156],"defenses.":[83],"This":[84],"paper":[85],"proposes":[86],"NetDiffuser1,":[87],"a":[88,105,134,175],"novel":[89,102,135],"framework":[90],"generating":[92,146],"capable":[94],"of":[95,100,137],"deceiving":[96],"NIDS.":[97],"NetDiffuser":[98,148,171],"consists":[99],"two":[101],"components.":[103],"First,":[104],"new":[106],"feature":[107],"categorization":[108],"algorithm":[109],"designed":[111],"identify":[113],"relatively":[114],"independent":[115],"features":[116,122],"Perturbing":[120],"these":[121],"minimizes":[123],"changes":[124],"while":[125],"preserving":[126],"flow":[128],"validity.":[129],"The":[130],"second":[131],"component":[132],"application":[136],"diffusion":[138],"inject":[141],"semantically":[142],"consistent":[143],"perturbations":[144],"NAEs.":[147],"performance":[149,185],"was":[150],"extensively":[151],"evaluated":[152],"using":[153],"three":[154],"benchmark":[155],"datasets":[157],"across":[158],"various":[159],"model":[160],"architectures":[161],"state-of-the-art":[163],"detectors.":[165],"Our":[166],"experimental":[167],"results":[168],"show":[169],"that":[170],"achieves":[172],"up":[173,193],"29.93%":[176],"higher":[177],"attack":[178],"success":[179],"rate":[180],"reduces":[182],"AE":[183],"detection":[184],"by":[186],"at":[187],"least":[188],"0.267":[189],"(in":[190],"some":[191],"cases":[192],"0.534)":[195],"the":[197,200,209],"Area":[198],"under":[199],"Receiver":[201],"Operating":[202],"Characteristic":[203],"Curve":[204],"(AUC-ROC)":[205],"score":[206],"compared":[207],"baseline":[210],"attacks.":[211]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2026-03-12T00:00:00"}