Privacy Benchmarking of Intrusion Detection Sytems

Solayman Ayoubi; Gregory Blanc; Houda Jmila; Sébastien Tixeuil

doi:10.1007/978-3-031-87772-8_34

Privacy Benchmarking of Intrusion Detection Sytems

Solayman Ayoubi
, Gregory Blanc
, Houda Jmila
, Sébastien Tixeuil

Research output: Chapter in Book/Report/Conference proceeding › Chapter › peer-review

Abstract

Network-based Intrusion Detection Systems (NIDS) are crucial in safeguarding network security, especially as cyber threats continue to evolve in complexity and scope. Despite significant advancements in IDS development, the evaluation of these systems remains inconsistent and often inadequate, particularly concerning their resilience to privacy attacks. This paper addresses this critical gap by introducing a systematic approach to assess the privacy vulnerabilities of IDS. We implement and integrate our evaluation method into the FREIDA [4, 5] tool, which is specifically designed to ensure the completeness, reliability, and reproducibility of machine learning-based IDS evaluations. To validate our approach, we conduct extensive experiments using established datasets, demonstrating the effectiveness and reliability of our evaluation methodology.

Original language	English
Title of host publication	Lecture Notes on Data Engineering and Communications Technologies
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	406-417
Number of pages	12
DOIs	https://doi.org/10.1007/978-3-031-87772-8_34
Publication status	Published - 1 Jan 2025

Publication series

Name	Lecture Notes on Data Engineering and Communications Technologies
Volume	248
ISSN (Print)	2367-4512
ISSN (Electronic)	2367-4520

Keywords

Intrusion detection system
Machine learning
Membership inference
Model extraction
Privacy leaks

Access to Document

10.1007/978-3-031-87772-8_34

Cite this

Ayoubi, S., Blanc, G., Jmila, H., & Tixeuil, S. (2025). Privacy Benchmarking of Intrusion Detection Sytems. In Lecture Notes on Data Engineering and Communications Technologies (pp. 406-417). (Lecture Notes on Data Engineering and Communications Technologies; Vol. 248). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-031-87772-8_34

@inbook{a48512a5362b47b29c368306a21ae460,

title = "Privacy Benchmarking of Intrusion Detection Sytems",

abstract = "Network-based Intrusion Detection Systems (NIDS) are crucial in safeguarding network security, especially as cyber threats continue to evolve in complexity and scope. Despite significant advancements in IDS development, the evaluation of these systems remains inconsistent and often inadequate, particularly concerning their resilience to privacy attacks. This paper addresses this critical gap by introducing a systematic approach to assess the privacy vulnerabilities of IDS. We implement and integrate our evaluation method into the FREIDA [4, 5] tool, which is specifically designed to ensure the completeness, reliability, and reproducibility of machine learning-based IDS evaluations. To validate our approach, we conduct extensive experiments using established datasets, demonstrating the effectiveness and reliability of our evaluation methodology.",

keywords = "Intrusion detection system, Machine learning, Membership inference, Model extraction, Privacy leaks",

author = "Solayman Ayoubi and Gregory Blanc and Houda Jmila and S{\'e}bastien Tixeuil",

note = "Publisher Copyright: {\textcopyright} The Author(s), under exclusive license to Springer Nature Switzerland AG 2025.",

year = "2025",

month = jan,

day = "1",

doi = "10.1007/978-3-031-87772-8\_34",

language = "English",

series = "Lecture Notes on Data Engineering and Communications Technologies",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "406--417",

booktitle = "Lecture Notes on Data Engineering and Communications Technologies",

}

Privacy Benchmarking of Intrusion Detection Sytems. / Ayoubi, Solayman; Blanc, Gregory; Jmila, Houda et al.
Lecture Notes on Data Engineering and Communications Technologies. Springer Science and Business Media Deutschland GmbH, 2025. p. 406-417 (Lecture Notes on Data Engineering and Communications Technologies; Vol. 248).

Research output: Chapter in Book/Report/Conference proceeding › Chapter › peer-review

TY - CHAP

T1 - Privacy Benchmarking of Intrusion Detection Sytems

AU - Ayoubi, Solayman

AU - Blanc, Gregory

AU - Jmila, Houda

AU - Tixeuil, Sébastien

N1 - Publisher Copyright: © The Author(s), under exclusive license to Springer Nature Switzerland AG 2025.

PY - 2025/1/1

Y1 - 2025/1/1

N2 - Network-based Intrusion Detection Systems (NIDS) are crucial in safeguarding network security, especially as cyber threats continue to evolve in complexity and scope. Despite significant advancements in IDS development, the evaluation of these systems remains inconsistent and often inadequate, particularly concerning their resilience to privacy attacks. This paper addresses this critical gap by introducing a systematic approach to assess the privacy vulnerabilities of IDS. We implement and integrate our evaluation method into the FREIDA [4, 5] tool, which is specifically designed to ensure the completeness, reliability, and reproducibility of machine learning-based IDS evaluations. To validate our approach, we conduct extensive experiments using established datasets, demonstrating the effectiveness and reliability of our evaluation methodology.

AB - Network-based Intrusion Detection Systems (NIDS) are crucial in safeguarding network security, especially as cyber threats continue to evolve in complexity and scope. Despite significant advancements in IDS development, the evaluation of these systems remains inconsistent and often inadequate, particularly concerning their resilience to privacy attacks. This paper addresses this critical gap by introducing a systematic approach to assess the privacy vulnerabilities of IDS. We implement and integrate our evaluation method into the FREIDA [4, 5] tool, which is specifically designed to ensure the completeness, reliability, and reproducibility of machine learning-based IDS evaluations. To validate our approach, we conduct extensive experiments using established datasets, demonstrating the effectiveness and reliability of our evaluation methodology.

KW - Intrusion detection system

KW - Machine learning

KW - Membership inference

KW - Model extraction

KW - Privacy leaks

UR - https://www.scopus.com/pages/publications/105003957235

U2 - 10.1007/978-3-031-87772-8_34

DO - 10.1007/978-3-031-87772-8_34

M3 - Chapter

AN - SCOPUS:105003957235

T3 - Lecture Notes on Data Engineering and Communications Technologies

SP - 406

EP - 417

BT - Lecture Notes on Data Engineering and Communications Technologies

PB - Springer Science and Business Media Deutschland GmbH

ER -