As cybersecurity detectors increasingly rely on machine learning mechanisms, attacks to these defenses escalate as well. Supervised classifiers are prone to adversarial evasion, and existing countermeasures suffer from many limitations. Most solutions degrade performance in the absence of adversarial perturbations; they are unable to face novel attack variants; they are applicable only to specific machine learning algorithms. We propose the first framework that can protect botnet detectors from adversarial attacks through deep reinforcement learning mechanisms. It automatically generates realistic attack samples that can evade detection, and it uses these samples to produce an augmented training set for producing hardened detectors. In such a way, we obtain more resilient detectors that can work even against unforeseen evasion attacks with the great merit of not penalizing their performance in the absence of specific attacks. We validate our proposal through an extensive experimental campaign that considers multiple machine learning algorithms and public datasets. The results highlight the improvements of the proposed solution over the state-of-the-art. Our method paves the way to novel and more robust cybersecurity detectors based on machine learning applied to network traffic analytics.

中文翻译：

---

针对僵尸网络规避攻击的深度强化对抗学习

随着网络安全检测器越来越依赖机器学习机制，对这些防御的攻击也在升级。有监督的分类器容易出现对抗性规避，现有的对策受到许多限制。大多数解决方案在没有对抗性扰动的情况下会降低性能；他们无法面对新的攻击变种；它们仅适用于特定的机器学习算法。我们提出了第一个框架，可以通过深度强化学习机制保护僵尸网络检测器免受对抗性攻击。它会自动生成可以逃避检测的真实攻击样本，并使用这些样本生成增强训练集以生成强化检测器。以这样的方式，我们获得了更有弹性的检测器，它们甚至可以对抗不可预见的规避攻击，其巨大优点是在没有特定攻击的情况下不会惩罚它们的性能。我们通过广泛的实验活动验证了我们的提议，该活动考虑了多种机器学习算法和公共数据集。结果突出了所提出的解决方案相对于最先进技术的改进。我们的方法为基于应用于网络流量分析的机器学习的新颖且更强大的网络安全检测器铺平了道路。结果突出了所提出的解决方案相对于最先进技术的改进。我们的方法为基于应用于网络流量分析的机器学习的新颖且更强大的网络安全检测器铺平了道路。结果突出了所提出的解决方案相对于最先进技术的改进。我们的方法为基于应用于网络流量分析的机器学习的新颖且更强大的网络安全检测器铺平了道路。