Towards an Energy-Efficient Anomaly-Based Intrusion Detection Engine for Embedded Systems

@article{Viegas2017TowardsAE,
  title={Towards an Energy-Efficient Anomaly-Based Intrusion Detection Engine for Embedded Systems},
  author={Eduardo Kugler Viegas and Altair Olivo Santin and Andre Luiz Pereira de Franca and Ricardo P. Jasinski and Volnei A. Pedroni and Luiz Oliveira},
  journal={IEEE Transactions on Computers},
  year={2017},
  volume={66},
  pages={163-177}
}
Nowadays, a significant part of all network accesses comes from embedded and battery-powered devices, which must be energy efficient. This paper demonstrates that a hardware (HW) implementation of network security algorithms can significantly reduce their energy consumption compared to an equivalent software (SW) version. The paper has four main contributions: (i) a new feature extraction algorithm, with low processing demands and suitable for hardware implementation; (ii) a feature selection…
A reliable and energy-efficient classifier combination scheme for intrusion detection in embedded systems
TLDR
This paper presents an anomaly-based method for network intrusion detection in embedded systems that maintains the classifier reliability even when network traffic contents change and is energy-efficient and well suited for hardware implementation.
A Deep Learning Method With Filter Based Feature Engineering for Wireless Intrusion Detection System
TLDR
This paper proposes an IDS based on deep learning using feed forward deep neural networks (FFDNNs) coupled with a filter-based feature selection algorithm and proves that the FFDNN-IDS achieves an increase in accuracy in comparison to other methods.
A Survey on Intrusion Detection System using Machine Learning and Deep Learning
  • Er. Hemavati, R. Aparna
  • Computer Science
  • International Journal of Scientific Research in Computer Science, Engineering and Information Technology
  • 2019
TLDR
The machine learning techniques used so far, the methodology for attack detection and the validation strategy are studied, and the performance metrics are discussed.
A fast online sequential learning accelerator for IoT network intrusion detection: work-in-progress
TLDR
An online sequential machine learning hardware accelerator to perform realtime network intrusion detection with a single hidden layer feedforward neural network based learning algorithm developed with a least-squares solver realized on hardware.
Work-in-progress: a fast online sequential learning accelerator for IoT network intrusion detection
TLDR
An online sequential machine learning hardware accelerator to perform realtime network intrusion detection with a single hidden layer feedforward neural network based learning algorithm developed with a least-squares solver realized on hardware.
Cyber Intrusion Detection Using Machine Learning Classification Techniques
TLDR
This paper employs various popular machine learning classification algorithms, namely Bayesian Network, Naive Bayes classifier, Decision Tree, Random Decision Forest, Random Tree, Decision Table, and Artificial Neural Network, to detect intrusions in order to provide intelligent services in the domain of cyber-security.
Hardware performance counters based runtime anomaly detection using SVM
TLDR
A hardware-based monitoring method for detecting anomalies in embedded devices using carefully selected low-level hardware features, with a support vector machine (SVM) classifier used to train a model that can detect anomalies based on features obtained from the selected hardware performance counters.
Machine Learning Intrusion Detection in Big Data Era: A Multi-Objective Approach for Longer Model Lifespans
TLDR
This paper proposes a new scalable long-lasting intrusion detection architecture for the processing of network content and the building of a reliable ML-based intrusion detection model that achieves up to 10 Gbps of detection throughput in a 20-core big data processing cluster.
Saving energy in aggressive intrusion detection through dynamic latency sensitivity recognition
TLDR
This paper presents a selective routing and intrusion detection technique based on dynamic statistical analysis that separates latency-sensitive traffic from latency-insensitive traffic and adaptively organizes the intrusion detection activities over multiple nodes.
BigFlow: Real-time and reliable anomaly-based intrusion detection for high-speed networks
TLDR
BigFlow is an approach capable of processing evolving network traffic while being scalable to large packet rates, and employs a verification method that checks if the classifier outcome is valid in order to provide reliability.

References

SHOWING 1-10 OF 55 REFERENCES
A Real-Time NetFlow-based Intrusion Detection System with Improved BBNN and High-Frequency Field Programmable Gate Arrays
  • Quang-Anh Tran, F. Jiang, J. Hu
  • Computer Science
  • 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications
  • 2012
TLDR
A prototype with hybrid software-enabled detection engine on the basis of the improved block-based neural network (BBNN) is designed and integrated with a high-frequency FPGA board to form a real-time intrusion detection system.
Evolving Block-Based Neural Network and Field Programmable Gate Arrays for Host-Based Intrusion Detection System
In this paper, we design a prototype with hybrid software-enabled detection engine on the basis of an evolving block-based neural network (BBNN), and integrate it with a Field Programmable Gate…
An Efficient FPGA Implementation of Principle Component Analysis based Network Intrusion Detection System
TLDR
This paper designs and implements an efficient FPGA architecture for Principal Component Analysis to be used in NIDSs and shows that the architecture correctly classifies attacks with detection rates exceeding 99.9% and false alarm rates as low as 1.95%.
Moving Network Protection from Software to Hardware: An Energy Efficiency Analysis
TLDR
This paper presents a new way to improve the throughput and to reduce the energy consumption of an anomaly-based intrusion detection system for probing attacks, and implements the same classifier algorithm in software (C++) and in hardware (synthesizable VHDL).
Flow-Based Anomaly Detection Using Neural Network Optimized with GSA Algorithm
TLDR
The proposed GSA-based flow anomaly detection system (GFADS) is trained with a flow-based data set and a four-feature subset is proposed as the optimal set of features.
An FPGA-Based Network Intrusion Detection Architecture
TLDR
This work designs an FPGA-based architecture for anomaly detection in network transmissions and demonstrates the use of principal component analysis as an outlier detection method for NIDSs.
Network intrusion detection and classification with Decision Tree and rule based approaches
TLDR
Two network intrusion detection techniques, C4.5 Decision Tree and Ripper rules, are used to assess and test an online dataset (RLD09 dataset), which is much simpler than existing traditional datasets such as KDD99, and can provide real-time detection speed with low memory and CPU consumption.
A real-time network intrusion detection system for large-scale attacks based on an incremental mining approach
TLDR
Since the proposed system derives features from packet headers only, like the previous works based on fuzzy association rules, large-scale attack types are focused, and can greatly improve efficiency from offline detection to real-time online detection.
The energy cost of network security: A hardware vs. software comparison
TLDR
This paper evaluates three machine learning classifiers (Decision Tree, Naive Bayes, and k-Nearest Neighbors), implemented in hardware and software, for the detection of probing attacks, showing the tradeoffs between energy consumption, throughput, and accuracy.
Efficient packet classification for network intrusion detection using FPGA
TLDR
A novel packet classification architecture called BV-TCAM is presented, which is implemented for an FPGA-based Network Intrusion Detection System (NIDS), which can report multiple matches at gigabit per second network link rates.