{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,13]],"date-time":"2026-04-13T06:10:00Z","timestamp":1776060600153,"version":"3.50.1"},"reference-count":34,"publisher":"Wiley","issue":"1","license":[{"start":{"date-parts":[[2025,10,31]],"date-time":"2025-10-31T00:00:00Z","timestamp":1761868800000},"content-version":"vor","delay-in-days":303,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/doi.wiley.com\/10.1002\/tdm_license_1.1"}],"funder":[{"DOI":"10.13039\/501100012226","name":"Fundamental Research Funds for the Central Universities","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100012226","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100008522","name":"China University of Political Science and Law","doi-asserted-by":"publisher","award":["21ZFY52001"],"award-info":[{"award-number":["21ZFY52001"]}],"id":[{"id":"10.13039\/501100008522","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["onlinelibrary.wiley.com"],"crossmark-restriction":true},"short-container-title":["International Journal of Intelligent Systems"],"published-print":{"date-parts":[[2025,1]]},"abstract":"<jats:p>With the increasing importance of privacy and data security in network communications, network intrusion detection systems (NIDSs) play a vital role in safeguarding against unauthorized access and data breaches. NIDSs utilize machine learning or deep learning models to distinguish between normal and malicious traffic, taking preventive actions when suspicious activities are identified. However, the vulnerability of these models to adversarial attacks poses a significant threat to data privacy and security. Attackers can exploit adversarial attacks to evade NIDS detection, potentially leading to the compromise of sensitive information. Existing research on adversarial attacks primarily focuses on white\u2010box scenarios, which assume attackers have complete knowledge of the target model. This assumption is unrealistic in real\u2010world scenarios. Moreover, adversarial examples generated through random perturbations or unconstrained methods are often easily detectable by classifiers, and they may not retain the full attack capabilities. To address these issues, this article explores a black\u2010box adversarial attack approach, using alternative model algorithms to obtain the output of the target model without requiring detailed model information and utilizing adversarial sample generation method (A\u2010M) with realistic constraints for adversarial attacks, which is more aligned with real\u2010world data privacy and security issues. When evaluating the method proposed in this article, deep neural network (DNN) was used as the basic model and compared with various models in experiments. Comparing the generated adversarial examples with the original NSL\u2010KDD dataset and KDD\u2010CUP 99 dataset, the accuracy decreased to around 50% in binary and multiclassification scenarios, demonstrating the effectiveness of this method.<\/jats:p>","DOI":"10.1155\/int\/1500333","type":"journal-article","created":{"date-parts":[[2025,10,31]],"date-time":"2025-10-31T14:57:23Z","timestamp":1761922643000},"update-policy":"https:\/\/doi.org\/10.1002\/crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Securing Data Privacy in NIDS: Black\u2010Box Adversarial Attacks"],"prefix":"10.1155","volume":"2025","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-4422-0606","authenticated-orcid":false,"given":"Dawei","family":"Xu","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0002-4242-084X","authenticated-orcid":false,"given":"Yunfang","family":"Liang","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9915-0118","authenticated-orcid":false,"given":"Yunfan","family":"Yang","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0962-4464","authenticated-orcid":false,"given":"Yajie","family":"Wang","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3333-9281","authenticated-orcid":false,"given":"Baokun","family":"Zheng","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7684-8540","authenticated-orcid":false,"given":"Chuan","family":"Zhang","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3277-3887","authenticated-orcid":false,"given":"Liehuang","family":"Zhu","sequence":"additional","affiliation":[]}],"member":"311","published-online":{"date-parts":[[2025,10,31]]},"reference":[{"key":"e_1_2_10_1_2","doi-asserted-by":"publisher","DOI":"10.1002\/ett.4150"},{"key":"e_1_2_10_2_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.compeleceng.2022.107764"},{"key":"e_1_2_10_3_2","doi-asserted-by":"crossref","unstructured":"ErlacherF.andDresslerF. Fixids: A High-Speed Signature Based Flow Intrusion Detection System NOMS 2018-2018 IEEE\/IFIP Network Operations and Management Symposium April 2018 Taipei Taiwan IEEE 1\u20138.","DOI":"10.1109\/NOMS.2018.8406247"},{"key":"e_1_2_10_4_2","unstructured":"IoulianouP. VasilakisV. MoscholiosI. andLogothetisM. A Signature-Based Intrusion Detection System for the Internet of Things. Information and Communication Technology Form 2018."},{"key":"e_1_2_10_5_2","doi-asserted-by":"publisher","DOI":"10.5815\/ijcnis.2019.03.02"},{"key":"e_1_2_10_6_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2021.05.025"},{"key":"e_1_2_10_7_2","unstructured":"SzegedyC. ZarembaW. SutskeverI.et al. Intriguing Properties of Neural Networks 2013."},{"key":"e_1_2_10_8_2","doi-asserted-by":"crossref","unstructured":"Moosavi-DezfooliS.-M. FawziA. andFrossardP. Deepfool: A Simple and Accurate Method to Fool Deep Neural Networks Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition June 2016 Denver CO 2574\u20132582 https:\/\/doi.org\/10.1109\/cvpr.2016.282 2-s2.0-84986325571.","DOI":"10.1109\/CVPR.2016.282"},{"key":"e_1_2_10_9_2","doi-asserted-by":"publisher","DOI":"10.1109\/access.2021.3127960"},{"key":"e_1_2_10_10_2","volume-title":"Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection","author":"Ptacek T. H.","year":"1998"},{"key":"e_1_2_10_11_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2013.03.022"},{"key":"e_1_2_10_12_2","doi-asserted-by":"publisher","DOI":"10.1109\/msp.2006.159"},{"key":"e_1_2_10_13_2","article-title":"Network Intrusion Detection: Evasion, Traffic Normalization, and end-to-end Protocol Semantics","volume":"2001","author":"Kreibich C.","year":"2001","journal-title":"USENIX Security Symposium"},{"key":"e_1_2_10_14_2","doi-asserted-by":"publisher","DOI":"10.1109\/surv.2011.092311.00082"},{"key":"e_1_2_10_15_2","doi-asserted-by":"crossref","unstructured":"MutzD. VignaG. andKemmererR. An Experience Developing an Ids Stimulator for the black-box Testing of Network Intrusion Detection Systems 19th Annual Computer Security Applications Conference 2003. Proceedings December 2003 Washington DC USA IEEE 374\u2013383.","DOI":"10.1109\/CSAC.2003.1254342"},{"key":"e_1_2_10_16_2","doi-asserted-by":"crossref","unstructured":"TanK. M. C. KillourhyK. S. andMaxionR. A. Undermining an Anomaly-based Intrusion Detection System Using Common Exploits Recent Advances in Intrusion Detection: 5th International Symposium RAID 2002 October 2002 Zurich Switzerland.","DOI":"10.1007\/3-540-36084-0_4"},{"key":"e_1_2_10_17_2","doi-asserted-by":"crossref","unstructured":"KayacikH. Gu\u00a8nesandZincir-HeywoodA. N. Mimicry Attacks Demystified: what Can Attackers Do to Evade Detection? 2008 Sixth Annual Conference on Privacy Security and Trust October 2008 Fredericton Canada IEEE 213\u2013223.","DOI":"10.1109\/PST.2008.25"},{"key":"e_1_2_10_18_2","doi-asserted-by":"crossref","unstructured":"Gunes KayacikH. Nur Zincir-HeywoodA. HeywoodM. I. andBurschkaS. Generating Mimicry Attacks Using Genetic Programming: a Benchmarking Study 2009 IEEE Symposium on Computational Intelligence in Cyber Security April 2009 Nashville TN IEEE 136\u2013143.","DOI":"10.1109\/CICYBS.2009.4925101"},{"key":"e_1_2_10_19_2","unstructured":"FoglaP. SharifM. I. PerdisciR. KolesnikovO. M. andLeeW. Polymorphic Blending Attacks USENIX Security Symposium August 2006 Baltimore MD 241\u2013256."},{"key":"e_1_2_10_20_2","doi-asserted-by":"crossref","unstructured":"FoglaP.andLeeW. Evading Network Anomaly Detection Systems: Formal Reasoning and Practical Techniques Proceedings of the 13th ACM Conference on Computer and Communications Security April 2006 Alexandria VA 59\u201368 https:\/\/doi.org\/10.1145\/1180405.1180414 2-s2.0-34547359214.","DOI":"10.1145\/1180405.1180414"},{"key":"e_1_2_10_21_2","doi-asserted-by":"publisher","DOI":"10.1109\/tnnls.2018.2886017"},{"key":"e_1_2_10_22_2","unstructured":"GoodfellowI. J. ShlensJ. andSzegedyC. Explaining and Harnessing Adversarial Examples 2014."},{"key":"e_1_2_10_23_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-40994-3_25"},{"key":"e_1_2_10_24_2","doi-asserted-by":"crossref","unstructured":"PapernotN. McDanielP. JhaS. FredriksonM. CelikZ. B. andSwamiA. The Limitations of Deep Learning in Adversarial Settings 2016 IEEE European Symposium on Security and Privacy (Euros&P) March 2016 Saarbr\u00fccken Germany IEEE 372\u2013387.","DOI":"10.1109\/EuroSP.2016.36"},{"key":"e_1_2_10_25_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.asoc.2023.110173"},{"key":"e_1_2_10_26_2","doi-asserted-by":"publisher","DOI":"10.32604\/cmc.2022.029858"},{"key":"e_1_2_10_27_2","doi-asserted-by":"publisher","DOI":"10.1109\/tcsvt.2024.3425655"},{"key":"e_1_2_10_28_2","doi-asserted-by":"crossref","unstructured":"UsamaM. AsimM. SiddiqueL. QadirJ.et al. Generative Adversarial Networks for Launching and Thwarting Adversarial Attacks on Network Intrusion Detection Systems 2019 15th International Wireless Communications & Mobile Computing Conference (IWCMC) March 2019 Tangier Morocco IEEE 78\u201383.","DOI":"10.1109\/IWCMC.2019.8766353"},{"key":"e_1_2_10_29_2","doi-asserted-by":"publisher","DOI":"10.1109\/tpami.2024.3519803"},{"key":"e_1_2_10_30_2","doi-asserted-by":"crossref","unstructured":"AlatwiH. A.andMorissetC. Realism Versus Performance for Adversarial Examples Against dl-based Nids Proceedings of the 38th ACM\/SIGAPP Symposium on Applied Computing March 2023 New York NY 1549\u20131557 https:\/\/doi.org\/10.1145\/3555776.3577671.","DOI":"10.1145\/3555776.3577671"},{"key":"e_1_2_10_31_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2021.04.118"},{"key":"e_1_2_10_32_2","doi-asserted-by":"publisher","DOI":"10.1109\/tip.2023.3276331"},{"key":"e_1_2_10_33_2","doi-asserted-by":"publisher","DOI":"10.1109\/tifs.2025.3608665"},{"key":"e_1_2_10_34_2","unstructured":"XiaoD. ZhangC. DengH. LiangJ. WangL. andZhuL. Parallelizing Universal Atomic Swaps for Multi\u2010Chain Cryptocurrency Exchanges 34th USENIX Security Symposium (USENIX Security 25) August 2025 Seattle WA 4073\u20134092."}],"container-title":["International Journal of Intelligent Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/pdf\/10.1155\/int\/1500333","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/full-xml\/10.1155\/int\/1500333","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/pdf\/10.1155\/int\/1500333","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,8]],"date-time":"2026-03-08T17:56:56Z","timestamp":1772992616000},"score":1,"resource":{"primary":{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/10.1155\/int\/1500333"}},"subtitle":[],"editor":[{"given":"Richard","family":"Murray","sequence":"additional","affiliation":[]}],"short-title":[],"issued":{"date-parts":[[2025,1]]},"references-count":34,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2025,1]]}},"alternative-id":["10.1155\/int\/1500333"],"URL":"https:\/\/doi.org\/10.1155\/int\/1500333","archive":["Portico"],"relation":{},"ISSN":["0884-8173","1098-111X"],"issn-type":[{"value":"0884-8173","type":"print"},{"value":"1098-111X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,1]]},"assertion":[{"value":"2025-02-14","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-10-07","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-10-31","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}],"article-number":"1500333"}}