Presentation 2014-07-03
Implementation of FPGA Section for Anomaly Detection Acceleration by HW/SW Cooperation
Shun YANASE, Hajime SHIMADA, Yukiko YAMAGUCHI, Hiroki TAKAKURA,
PDF Download Page PDF download Page Link
Abstract(in Japanese) (See Japanese page)
Abstract(in English) Anomaly-based Intrusion Detection System (anomaly IDS) is an approach of the IDS which creates a discrimination circuit from normal traffic and detects malicious traffic by grading deviant traffic with the discrimination circuit. In recent years, because of the spread of the Internet usage and network clients, the network traffic is becoming huge amount. So we are afraid that the anomaly IDS often fails capturing network packet because of deficiency of a performance when it monitors an internal network of a large-scale organization. To solve this problem, we propose HW/SW corporation anomaly detection system using FPGA to achieve real-time anomaly detection processing on high-traffic network. We adopt PAYL algorithm as a suitable one for hardware algorithm which applies 1-gram method to network packet payload and calculate maharanobis distance between training data to detect malicious traffic. We implemented Features Extraction module which is estimated as a bottleneck of the PAYL algorithm into FPGA. The result shows that an estimated throughput of the system becomes 5.155Gbps which is 10.72 times larger value in case of SW only implementation.
Keyword(in Japanese) (See Japanese page)
Keyword(in English) Intrusion detection system / Anomaly Detection / FPGA
Paper # ISEC2014-16,SITE2014-11,ICSS2014-20,EMM2014-16
Date of Issue

Conference Information
Committee ISEC
Conference Date 2014/6/26(1days)
Place (in Japanese) (See Japanese page)
Place (in English)
Topics (in Japanese) (See Japanese page)
Topics (in English)
Chair
Vice Chair
Secretary
Assistant

Paper Information
Registration To Information Security (ISEC)
Language JPN
Title (in Japanese) (See Japanese page)
Sub Title (in Japanese) (See Japanese page)
Title (in English) Implementation of FPGA Section for Anomaly Detection Acceleration by HW/SW Cooperation
Sub Title (in English)
Keyword(1) Intrusion detection system
Keyword(2) Anomaly Detection
Keyword(3) FPGA
1st Author's Name Shun YANASE
1st Author's Affiliation Graduate School of Information Science, Nagoya University()
2nd Author's Name Hajime SHIMADA
2nd Author's Affiliation Information Technology Center, Nagoya University
3rd Author's Name Yukiko YAMAGUCHI
3rd Author's Affiliation Information Technology Center, Nagoya University
4th Author's Name Hiroki TAKAKURA
4th Author's Affiliation Information Technology Center, Nagoya University
Date 2014-07-03
Paper # ISEC2014-16,SITE2014-11,ICSS2014-20,EMM2014-16
Volume (vol) vol.114
Number (no) 115
Page pp.pp.-
#Pages 6
Date of Issue