On the Formalization of Constrained Adversarial Attacks in Network Traffic Analysis

Published: 15 Mar 2026, Last Modified: 19 Mar 2026, 2026 Oral, CC BY 4.0
Keywords: machine learning, adversarial attack, network intrusion detection, network traffic, constrained domains
TL;DR: This paper explores the challenges in the formalization of constrained adversarial attacks against machine learning-based intrusion detection systems for network traffic analysis, with a particular focus on constrained optimization formulations.
Abstract: This paper explores the challenges in the formalization of constrained adversarial attacks against machine learning-based intrusion detection systems for network traffic analysis. While effective at detecting anomalies and zero-day attacks in network traffic, such systems are vulnerable to adversarial attacks, particularly evasion attacks that introduce carefully designed perturbations into input data to cause misclassification. The structured and heterogeneous nature of network traffic and the complexity of extracted traffic features complicate the generation of functionally valid adversarial examples that represent realistic attack scenarios. Crafting realistic adversarial examples requires incorporating domain-specific constraints into the attack. This transforms the underlying optimization problem into a constrained optimization problem whose solution is non-trivial and does not guarantee convergence. This paper reviews existing approaches to incorporating domain constraints, discusses the limitations of traditional distance metrics in the context of network traffic, and highlights challenges arising from differences between feature-space and traffic-space attacks. We conclude that domain constraints must be accounted for as comprehensively as possible while preserving practical applicability, and that the effectiveness of constrained attack methods and constraint-handling approaches remains an open question.
Submission Number: 35