TANTRA: Timing-Based Adversarial Network Traffic Reshaping Attack.

Yam Sharon, David Berend, Yang Liu, Asaf Shabtai, Yuval Elovici

Research output: Working paper/PreprintPreprint


Network intrusion attacks are a known threat. To detect such
attacks, network intrusion detection systems (NIDSs) have
been developed and deployed. These systems apply machine
learning models to high-dimensional vectors of features extracted from network traffic to detect intrusions. Advances
in NIDSs have made it challenging for attackers, who must
execute attacks without being detected by these systems. Prior
research on bypassing NIDSs has mainly focused on perturbing the features extracted from the attack traffic to fool the
detection system, however, this may jeopardize the attack’s
functionality. In this work, we present TANTRA, a novel endto-end Timing-based Adversarial Network Traffic Reshaping
Attack that can bypass a variety of NIDSs. Our evasion attack utilizes a long short-term memory (LSTM) deep neural
network (DNN) which is trained to learn the time differences
between the target network’s benign packets. The trained
LSTM is used to set the time differences between the malicious traffic packets (attack), without changing their content,
such that they will "behave" like benign network traffic and
will not be detected as an intrusion. We evaluate TANTRA
on eight common intrusion attacks and three state-of-the-art
NIDS systems, achieving an average success rate of 99.99%
in network intrusion detection system evasion. We also propose a novel mitigation technique to address this new evasion
Original languageEnglish
StatePublished - 2021

Publication series



Dive into the research topics of 'TANTRA: Timing-Based Adversarial Network Traffic Reshaping Attack.'. Together they form a unique fingerprint.

Cite this