An Efficient FPGA Implementation of Principle Component Analysis based Network Intrusion Detection System

Author

Das, Abhishek ; Misra, Sanchit ; Joshi, Sumeet ; Zambreno, Joseph ; Memik, Gokhan ; Choudhary, Alok

Author_Institution

Electr. Eng. & Comput. Sci. Dept., Northwestern Univ., Evanston, IL

fYear

2008

fDate

10-14 March 2008

Firstpage

1160

Lastpage

1165

Abstract

Modern network intrusion detection systems (NIDSs) use anomaly detection to capture malicious attacks. Since such connections are described by large set of dimensions, processing these huge amounts of network data becomes extremely slow. To solve this time-efficiency problem, statistical methods like principal component analysis (PCA) can be used to reduce the dimensionality of the network data. In this paper, we design and implement an efficient FPGA architecture for Principal Component Analysis to be used in NIDSs. Moreover, using representative network intrusion traces, we show that our architecture correctly classifies attacks with detection rates exceeding 99.9% and false alarm rates as low as 1.95%. Our implementation on a Xilinx Virtex-II Pro FPGA platform provides a core throughput of up to 24.72 Gbps, clocking at a frequency of 96.56 MHz.

Keywords

field programmable gate arrays; logic design; principal component analysis; security of data; anomaly detection; field programmable gate arrays; frequency 96.56 MHz; network intrusion detection system; principle component analysis; Clocks; Computer networks; Field programmable gate arrays; Frequency; Hardware; Intrusion detection; Pattern matching; Principal component analysis; Statistical analysis; Throughput;

fLanguage

English

Publisher

ieee

Conference_Titel

Design, Automation and Test in Europe, 2008. DATE '08

Conference_Location

Munich

Print_ISBN

978-3-9810801-3-1

Electronic_ISBN

978-3-9810801-4-8

Type

conf

DOI

10.1109/DATE.2008.4484835

Filename

4484835