A Programmable Architecture Based on Vectorized EVBDDs for Network Intrusion Detection Using Random Forests

Binbin Xue; Shinobu Nagayama; Masato Inagi; Shin'Ichi Wakabayashi

Summary

International Symposium on Nonlinear Theory and its Applications

2017

Session Number:A2L-B

Session:

Number:A2L-B-4

A Programmable Architecture Based on Vectorized EVBDDs for Network Intrusion Detection Using Random Forests

Binbin Xue, Shinobu Nagayama, Masato Inagi, Shin'Ichi Wakabayashi,

pp.132-135

Publication Date:2017/12/4

Online ISSN:2188-5079

DOI:10.34385/proc.29.A2L-B-4

PDF download (1.3MB)

Summary:

In this paper, we propose a pro-grammable architecture based on Vectorized Edge-Valued Binary Decision Diagrams (VEVBDDs) for Network Intrusion Detection Systems (NIDSs). Our target NIDSs are based on random forests, and detect suspicious packets by checking incoming packets against statistical data of past intrusions using random forests. In our proposal, a random forest is converted into VEVBDDs, and they are implemented by a memory-based architecture. The proposed programmable architecture can update the statistical data quickly by just rewriting contents of memories. FPGA implementation results show that the proposed architecture achieves up to 25 times higher throughput than a software implementation.