Machine Learning (ML) plays a central role in Network Intrusion Detection Systems (NIDS), as it can be used to analyze complex traffic patterns and detect previously unseen attacks. With Industrial Control Systems (ICS) becoming increasingly connected and exposed to novel threats, ML-NIDS have been widely adopted to provide automated detection of cyberattacks targeting control processes and critical infrastructures. While ML-NIDS demonstrate good effectiveness and high performance, adversarial ML attacks based on input data manipulation have been shown to undermine their robustness. However, existing adversarial strategies against ML-NIDS in ICS primarily focus on modifying traffic attributes at the flow level, without considering the constraints imposed by the underlying network protocols. In this paper, we propose a packet-level adversarial attack to evade ML-NIDS for Modbus TCP. We modify raw packet captures using two manipulation methods, namely jitter and padding, which reshape the features of the resulting flows while preserving Modbus functionalities. We evaluate the impact of these perturbations on the CIC Modbus 2023 dataset, considering three different attacker scenarios and targeting three popular ML models (Decision Tree, Random Forest, Histogram Gradient Boosting). Results show that our attack strategies degrade ML-NIDS performance, with detection rates falling below 0.5 in 31 out of 45 cases.

Evading ML Network Intrusion Detection Systems for Modbus TCP with Problem-Space Perturbations / Galli, D., Zoccoli, G.G., Bianchini, D., Stabili, D., Marchetti, M.. - 4198:(2026). (2026 Joint National Conference on Cybersecurity, ITASEC and SERICS 2026 ita 2026).

Evading ML Network Intrusion Detection Systems for Modbus TCP with Problem-Space Perturbations

Galli D.;Stabili D.;
2026

Abstract

Machine Learning (ML) plays a central role in Network Intrusion Detection Systems (NIDS), as it can be used to analyze complex traffic patterns and detect previously unseen attacks. With Industrial Control Systems (ICS) becoming increasingly connected and exposed to novel threats, ML-NIDS have been widely adopted to provide automated detection of cyberattacks targeting control processes and critical infrastructures. While ML-NIDS demonstrate good effectiveness and high performance, adversarial ML attacks based on input data manipulation have been shown to undermine their robustness. However, existing adversarial strategies against ML-NIDS in ICS primarily focus on modifying traffic attributes at the flow level, without considering the constraints imposed by the underlying network protocols. In this paper, we propose a packet-level adversarial attack to evade ML-NIDS for Modbus TCP. We modify raw packet captures using two manipulation methods, namely jitter and padding, which reshape the features of the resulting flows while preserving Modbus functionalities. We evaluate the impact of these perturbations on the CIC Modbus 2023 dataset, considering three different attacker scenarios and targeting three popular ML models (Decision Tree, Random Forest, Histogram Gradient Boosting). Results show that our attack strategies degrade ML-NIDS performance, with detection rates falling below 0.5 in 31 out of 45 cases.
2026
2026 Joint National Conference on Cybersecurity, ITASEC and SERICS 2026
ita
2026
4198
Galli, D.; Zoccoli, G. G.; Bianchini, D.; Stabili, D.; Marchetti, M.
Evading ML Network Intrusion Detection Systems for Modbus TCP with Problem-Space Perturbations / Galli, D., Zoccoli, G.G., Bianchini, D., Stabili, D., Marchetti, M.. - 4198:(2026). (2026 Joint National Conference on Cybersecurity, ITASEC and SERICS 2026 ita 2026).
File in questo prodotto:
File Dimensione Formato  
paper25.pdf

Open access

Tipologia: VOR - Versione pubblicata dall'editore
Dimensione 1.51 MB
Formato Adobe PDF
1.51 MB Adobe PDF Visualizza/Apri
Pubblicazioni consigliate

Licenza Creative Commons
I metadati presenti in IRIS UNIMORE sono rilasciati con licenza Creative Commons CC0 1.0 Universal, mentre i file delle pubblicazioni sono rilasciati con licenza Attribuzione 4.0 Internazionale (CC BY 4.0), salvo diversa indicazione.
In caso di violazione di copyright, contattare Supporto Iris

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11380/1412209
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
  • ???jsp.display-item.citation.isi??? ND
social impact