TY - GEN
T1 - ONLAD-IDS
T2 - 24th IEEE International Conference on High Performance Computing and Communications, 8th IEEE International Conference on Data Science and Systems, 20th IEEE International Conference on Smart City and 8th IEEE International Conference on Dependability in Sensor, Cloud and Big Data Systems and Application, HPCC/DSS/SmartCity/DependSys 2022
AU - Wu, Man
AU - Matsutani, Hiroki
AU - Kondo, Masaaki
N1 - Funding Information:
This work was supported by JST CREST Grant Number JPMJCR20F2, Japan.
Publisher Copyright:
© 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - Machine learning- or neural network-based intrusion detection systems (IDSs) demonstrate the state-of-the-art performance and confidence in current threat detection. However, due to the increasing sophistication of today's network attacks and the growing cost of obtaining attack labels for network traffic, updating an IDS model with labeled data requires significant effort. Furthermore, in real-time developments of the Internet of Things (IoT), network flow input and large-size deep learning models impose additional latency and low throughput due to the hardware resource, bandwidth, and programming cost. To this end, this paper proposes an on-device sequential learning semi-supervised anomaly detector-based intrusion detection system (ONLAD-IDS) using smart interface network cards (NICs) to address these challenges. The ONLAD- IDS consists of packet sniffing, feature extractor, feature selection with analysis of variance (ANOVA), and an ONLAD model. Moreover, the real-time throughput ONLAD-IDS is developed by the Nvidia Bluefield DPU with smartNICs without programming cost. Experiments show that ONLAD-IDS achieves a throughput of 1486.095 packet/ms and a detection rate of 0.7523 on DPU with a 25Gb/s transmission throughput while maintaining high detection performance.
AB - Machine learning- or neural network-based intrusion detection systems (IDSs) demonstrate the state-of-the-art performance and confidence in current threat detection. However, due to the increasing sophistication of today's network attacks and the growing cost of obtaining attack labels for network traffic, updating an IDS model with labeled data requires significant effort. Furthermore, in real-time developments of the Internet of Things (IoT), network flow input and large-size deep learning models impose additional latency and low throughput due to the hardware resource, bandwidth, and programming cost. To this end, this paper proposes an on-device sequential learning semi-supervised anomaly detector-based intrusion detection system (ONLAD-IDS) using smart interface network cards (NICs) to address these challenges. The ONLAD- IDS consists of packet sniffing, feature extractor, feature selection with analysis of variance (ANOVA), and an ONLAD model. Moreover, the real-time throughput ONLAD-IDS is developed by the Nvidia Bluefield DPU with smartNICs without programming cost. Experiments show that ONLAD-IDS achieves a throughput of 1486.095 packet/ms and a detection rate of 0.7523 on DPU with a 25Gb/s transmission throughput while maintaining high detection performance.
KW - Bluefield DPU
KW - Intrusion detection system
KW - on-device learning
KW - semi-supervised learning
KW - smartNIC
UR - http://www.scopus.com/inward/record.url?scp=85152225797&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85152225797&partnerID=8YFLogxK
U2 - 10.1109/HPCC-DSS-SmartCity-DependSys57074.2022.00100
DO - 10.1109/HPCC-DSS-SmartCity-DependSys57074.2022.00100
M3 - Conference contribution
AN - SCOPUS:85152225797
T3 - Proceedings - 24th IEEE International Conference on High Performance Computing and Communications, 8th IEEE International Conference on Data Science and Systems, 20th IEEE International Conference on Smart City and 8th IEEE International Conference on Dependability in Sensor, Cloud and Big Data Systems and Application, HPCC/DSS/SmartCity/DependSys 2022
SP - 546
EP - 553
BT - Proceedings - 24th IEEE International Conference on High Performance Computing and Communications, 8th IEEE International Conference on Data Science and Systems, 20th IEEE International Conference on Smart City and 8th IEEE International Conference on Dependability in Sensor, Cloud and Big Data Systems and Application, HPCC/DSS/SmartCity/DependSys 2022
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 18 December 2022 through 20 December 2022
ER -