FPGA/AI-Powered Architecture for Anomaly Network Intrusion Detection Systems
نویسندگان
چکیده
This paper proposes an architecture to develop machine learning/deep learning models for anomaly network intrusion detection systems on reconfigurable computing platforms. We build two validate the framework: Anomaly Detection Autoencoder (ADA) and Artificial Neural Classification (ANC) in NetFPGA-sume platform. Three published data sets NSL-KDD, UNSW-NB15, CIC-IDS2017 are used test deployed models’ throughput, latency, accuracy. Experimental results with NetFPGA-SUME show that ADA model uses 20.97% LUTs, 15.16% FFs, 19.42% BRAM, 6.81% DSP while ANC requires 21.39% 15.19% FFS, 14.59% 3.67% DSP. achieve a bandwidth of up 28.7 Gbps 34.74 Gbps, respectively. In terms can process at 18.7 Gops, offer 10 Gops different datasets. With NSL-KDD dataset, achieves 90.87% accuracy false negative rate 4.86%. The UNSW-NB15 obtains 87.49% 98.22%, respectively, rates achieving 2.0% 6.2%,
منابع مشابه
Revisiting Anomaly-based Network Intrusion Detection Systems
Intrusion detection systems (IDSs) are well-known and widely-deployed security tools to detect cyber-attacks and malicious activities in computer systems and networks. A signature-based IDS works similar to anti-virus software. It employs a signature database of known attacks, and a successful match with current input raises an alert. A signature-based IDS cannot detect unknown attacks, either ...
متن کاملMoving dispersion method for statistical anomaly detection in intrusion detection systems
A unified method for statistical anomaly detection in intrusion detection systems is theoretically introduced. It is based on estimating a dispersion measure of numerical or symbolic data on successive moving windows in time and finding the times when a relative change of the dispersion measure is significant. Appropriate dispersion measures, relative differences, moving windows, as well as tec...
متن کاملArtificial Neural Network for Anomaly Intrusion Detection
Since the advent of intrusion detection system (IDS) in the early 1980s, IDS has been suffering many problems until now. The detection of novel attacks and lower rate of false alarms must be realized in successful IDS. Misuse detection compares data against predefined patterns usually collected by an IDS signature database. It is hard for misuse detection to detect even slightly variation of kn...
متن کاملAssessment Methodology for Anomaly-Based Intrusion Detection in Cloud Computing
Cloud computing has become an attractive target for attackers as the mainstream technologies in the cloud, such as the virtualization and multitenancy, permit multiple users to utilize the same physical resource, thereby posing the so-called problem of internal facing security. Moreover, the traditional network-based intrusion detection systems (IDSs) are ineffective to be deployed in the cloud...
متن کاملAnomaly-Based Intrusion Detection for SCADA Systems
Most critical infrastructure such as chemical processing plants, electrical generation and distribution networks, and gas distribution is monitored and controlled by Supervisory Control and Data Acquisition Systems (SCADA). These systems have been the focus of increased security and there are concerns that they could be the target of international terrorists. With the constantly growing number ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Electronics
سال: 2023
ISSN: ['2079-9292']
DOI: https://doi.org/10.3390/electronics12030668