Saved in:
Bibliographic Details
Main Authors: Chehade, Adel, Ragusa, Edoardo, Gastaldo, Paolo, Zunino, Rodolfo
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2512.02276
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866918227636912128
author Chehade, Adel
Ragusa, Edoardo
Gastaldo, Paolo
Zunino, Rodolfo
author_facet Chehade, Adel
Ragusa, Edoardo
Gastaldo, Paolo
Zunino, Rodolfo
contents Traffic classification (TC) plays a critical role in cybersecurity, particularly in IoT and embedded contexts, where inspection must often occur locally under tight hardware constraints. We use hardware-aware neural architecture search (HW-NAS) to derive lightweight TC models that are accurate, efficient, and deployable on edge platforms. Two input formats are considered: a flattened byte sequence and a 2D packet-wise time series; we examine how input structure affects adversarial vulnerability when using resource-constrained models. Robustness is assessed against white-box attacks, specifically Fast Gradient Sign Method (FGSM) and Projected Gradient Descent (PGD). On USTC-TFC2016, both HW-NAS models achieve over 99% clean-data accuracy while remaining within 65k parameters and 2M FLOPs. Yet under perturbations of strength 0.1, their robustness diverges: the flat model retains over 85% accuracy, while the time-series variant drops below 35%. Adversarial fine-tuning delivers robust gains, with flat-input accuracy exceeding 96% and the time-series variant recovering over 60 percentage points in robustness, all without compromising efficiency. The results underscore how input structure influences adversarial vulnerability, and show that even compact, resource-efficient models can attain strong robustness, supporting their practical deployment in secure edge-based TC.
format Preprint
id arxiv_https___arxiv_org_abs_2512_02276
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Adversarial Robustness of Traffic Classification under Resource Constraints: Input Structure Matters
Chehade, Adel
Ragusa, Edoardo
Gastaldo, Paolo
Zunino, Rodolfo
Networking and Internet Architecture
Cryptography and Security
Machine Learning
Traffic classification (TC) plays a critical role in cybersecurity, particularly in IoT and embedded contexts, where inspection must often occur locally under tight hardware constraints. We use hardware-aware neural architecture search (HW-NAS) to derive lightweight TC models that are accurate, efficient, and deployable on edge platforms. Two input formats are considered: a flattened byte sequence and a 2D packet-wise time series; we examine how input structure affects adversarial vulnerability when using resource-constrained models. Robustness is assessed against white-box attacks, specifically Fast Gradient Sign Method (FGSM) and Projected Gradient Descent (PGD). On USTC-TFC2016, both HW-NAS models achieve over 99% clean-data accuracy while remaining within 65k parameters and 2M FLOPs. Yet under perturbations of strength 0.1, their robustness diverges: the flat model retains over 85% accuracy, while the time-series variant drops below 35%. Adversarial fine-tuning delivers robust gains, with flat-input accuracy exceeding 96% and the time-series variant recovering over 60 percentage points in robustness, all without compromising efficiency. The results underscore how input structure influences adversarial vulnerability, and show that even compact, resource-efficient models can attain strong robustness, supporting their practical deployment in secure edge-based TC.
title Adversarial Robustness of Traffic Classification under Resource Constraints: Input Structure Matters
topic Networking and Internet Architecture
Cryptography and Security
Machine Learning
url https://arxiv.org/abs/2512.02276