An efficient FPGA implementation of principle component analysis based Network Intrusion Detection System

Abhishek Das; Sanchit Misra; Sumeet Joshi; Joseph Zambreno; Gokhan Memik; Alok Nidhi Choudhary

doi:10.1109/DATE.2008.4484835

An efficient FPGA implementation of principle component analysis based Network Intrusion Detection System

Abhishek Das^*, Sanchit Misra, Sumeet Joshi, Joseph Zambreno, Gokhan Memik, Alok Nidhi Choudhary

^*Corresponding author for this work

Electrical and Computer Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

15 Scopus citations

Abstract

Modern Network Intrsuion Detection Systems (NIDSs) use anomaly detection to capture malicious attacks. Since such connections are described by large set of dimensions, processing these huge amounts of network data becomes extremely slow. To solve this time-efficiency problem, statistical methods like Principal Component Analysis (PCA) can be used to reduce the dimensionality of the network data. In this paper, we design and implement an efficient FPGA architecture for Principal Component Analysis to be used in NIDSs. Moreover, using representative network intrusion traces, we show that our architecture correctly classifies attacks with detection rates exceeding 99.9% and false alarm rates as low as 1.95%. Our implementation on a Xilinx Virtex-II Pro FPGA platform provides a core throughput of up to 24.72 Gbps, clocking at a frequency of 96.56 MHz.

Original language	English (US)
Title of host publication	Design, Automation and Test in Europe, DATE 2008
Pages	1160-1165
Number of pages	6
DOIs	https://doi.org/10.1109/DATE.2008.4484835
State	Published - 2008
Event	Design, Automation and Test in Europe, DATE 2008 - Munich, Germany Duration: Mar 10 2008 → Mar 14 2008

Publication series

Name	Proceedings -Design, Automation and Test in Europe, DATE
ISSN (Print)	1530-1591

Other

Other	Design, Automation and Test in Europe, DATE 2008
Country/Territory	Germany
City	Munich
Period	3/10/08 → 3/14/08

ASJC Scopus subject areas

Engineering(all)

Access to Document

10.1109/DATE.2008.4484835

Cite this

Das, A., Misra, S., Joshi, S., Zambreno, J., Memik, G., & Choudhary, A. N. (2008). An efficient FPGA implementation of principle component analysis based Network Intrusion Detection System. In Design, Automation and Test in Europe, DATE 2008 (pp. 1160-1165). [4484835] (Proceedings -Design, Automation and Test in Europe, DATE). https://doi.org/10.1109/DATE.2008.4484835

@inproceedings{1277dcf8293d41aea8b25242eb794bf8,

title = "An efficient FPGA implementation of principle component analysis based Network Intrusion Detection System",

abstract = "Modern Network Intrsuion Detection Systems (NIDSs) use anomaly detection to capture malicious attacks. Since such connections are described by large set of dimensions, processing these huge amounts of network data becomes extremely slow. To solve this time-efficiency problem, statistical methods like Principal Component Analysis (PCA) can be used to reduce the dimensionality of the network data. In this paper, we design and implement an efficient FPGA architecture for Principal Component Analysis to be used in NIDSs. Moreover, using representative network intrusion traces, we show that our architecture correctly classifies attacks with detection rates exceeding 99.9% and false alarm rates as low as 1.95%. Our implementation on a Xilinx Virtex-II Pro FPGA platform provides a core throughput of up to 24.72 Gbps, clocking at a frequency of 96.56 MHz.",

author = "Abhishek Das and Sanchit Misra and Sumeet Joshi and Joseph Zambreno and Gokhan Memik and Choudhary, {Alok Nidhi}",

year = "2008",

doi = "10.1109/DATE.2008.4484835",

language = "English (US)",

isbn = "9783981080",

series = "Proceedings -Design, Automation and Test in Europe, DATE",

pages = "1160--1165",

booktitle = "Design, Automation and Test in Europe, DATE 2008",

note = "Design, Automation and Test in Europe, DATE 2008 ; Conference date: 10-03-2008 Through 14-03-2008",

}

Das, A, Misra, S, Joshi, S, Zambreno, J, Memik, G & Choudhary, AN 2008, An efficient FPGA implementation of principle component analysis based Network Intrusion Detection System. in Design, Automation and Test in Europe, DATE 2008., 4484835, Proceedings -Design, Automation and Test in Europe, DATE, pp. 1160-1165, Design, Automation and Test in Europe, DATE 2008, Munich, Germany, 3/10/08. https://doi.org/10.1109/DATE.2008.4484835

An efficient FPGA implementation of principle component analysis based Network Intrusion Detection System. / Das, Abhishek; Misra, Sanchit; Joshi, Sumeet; Zambreno, Joseph; Memik, Gokhan ; Choudhary, Alok Nidhi.

Design, Automation and Test in Europe, DATE 2008. 2008. p. 1160-1165 4484835 (Proceedings -Design, Automation and Test in Europe, DATE).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - An efficient FPGA implementation of principle component analysis based Network Intrusion Detection System

AU - Das, Abhishek

AU - Misra, Sanchit

AU - Joshi, Sumeet

AU - Zambreno, Joseph

AU - Memik, Gokhan

AU - Choudhary, Alok Nidhi

PY - 2008

Y1 - 2008

N2 - Modern Network Intrsuion Detection Systems (NIDSs) use anomaly detection to capture malicious attacks. Since such connections are described by large set of dimensions, processing these huge amounts of network data becomes extremely slow. To solve this time-efficiency problem, statistical methods like Principal Component Analysis (PCA) can be used to reduce the dimensionality of the network data. In this paper, we design and implement an efficient FPGA architecture for Principal Component Analysis to be used in NIDSs. Moreover, using representative network intrusion traces, we show that our architecture correctly classifies attacks with detection rates exceeding 99.9% and false alarm rates as low as 1.95%. Our implementation on a Xilinx Virtex-II Pro FPGA platform provides a core throughput of up to 24.72 Gbps, clocking at a frequency of 96.56 MHz.

AB - Modern Network Intrsuion Detection Systems (NIDSs) use anomaly detection to capture malicious attacks. Since such connections are described by large set of dimensions, processing these huge amounts of network data becomes extremely slow. To solve this time-efficiency problem, statistical methods like Principal Component Analysis (PCA) can be used to reduce the dimensionality of the network data. In this paper, we design and implement an efficient FPGA architecture for Principal Component Analysis to be used in NIDSs. Moreover, using representative network intrusion traces, we show that our architecture correctly classifies attacks with detection rates exceeding 99.9% and false alarm rates as low as 1.95%. Our implementation on a Xilinx Virtex-II Pro FPGA platform provides a core throughput of up to 24.72 Gbps, clocking at a frequency of 96.56 MHz.

UR - http://www.scopus.com/inward/record.url?scp=49749151354&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=49749151354&partnerID=8YFLogxK

U2 - 10.1109/DATE.2008.4484835

DO - 10.1109/DATE.2008.4484835

M3 - Conference contribution

AN - SCOPUS:49749151354

SN - 9783981080

SN - 9789783981089

T3 - Proceedings -Design, Automation and Test in Europe, DATE

SP - 1160

EP - 1165

BT - Design, Automation and Test in Europe, DATE 2008

T2 - Design, Automation and Test in Europe, DATE 2008

Y2 - 10 March 2008 through 14 March 2008

ER -

An efficient FPGA implementation of principle component analysis based Network Intrusion Detection System

Abstract

Publication series

Other

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this