Title :
An Efficient FPGA Implementation of Principle Component Analysis based Network Intrusion Detection System
Author :
Das, Abhishek ; Misra, Sanchit ; Joshi, Sumeet ; Zambreno, Joseph ; Memik, Gokhan ; Choudhary, Alok
Author_Institution :
Electr. Eng. & Comput. Sci. Dept., Northwestern Univ., Evanston, IL
Abstract :
Modern network intrusion detection systems (NIDSs) use anomaly detection to capture malicious attacks. Since such connections are described by large set of dimensions, processing these huge amounts of network data becomes extremely slow. To solve this time-efficiency problem, statistical methods like principal component analysis (PCA) can be used to reduce the dimensionality of the network data. In this paper, we design and implement an efficient FPGA architecture for Principal Component Analysis to be used in NIDSs. Moreover, using representative network intrusion traces, we show that our architecture correctly classifies attacks with detection rates exceeding 99.9% and false alarm rates as low as 1.95%. Our implementation on a Xilinx Virtex-II Pro FPGA platform provides a core throughput of up to 24.72 Gbps, clocking at a frequency of 96.56 MHz.
Keywords :
field programmable gate arrays; logic design; principal component analysis; security of data; anomaly detection; field programmable gate arrays; frequency 96.56 MHz; network intrusion detection system; principle component analysis; Clocks; Computer networks; Field programmable gate arrays; Frequency; Hardware; Intrusion detection; Pattern matching; Principal component analysis; Statistical analysis; Throughput;
Conference_Titel :
Design, Automation and Test in Europe, 2008. DATE '08
Conference_Location :
Munich
Print_ISBN :
978-3-9810801-3-1
Electronic_ISBN :
978-3-9810801-4-8
DOI :
10.1109/DATE.2008.4484835
