Share Email Print
cover

Proceedings Paper

Applying hardware-based machine learning to signature-based network intrusion detection
Author(s): Garrett Payer; Chris McCormick; Richard Harang; Bruce McCormick
Format Member Price Non-Member Price
PDF $14.40 $18.00

Paper Abstract

We present a proof-of-concept of a lightweight and low-power network intrusion detection system (NIDS) using a commercially available neural network chip. Such a system is well-suited to the increasing deployment of low-power devices with ubiquitous internet connectivity. Our proposal makes use of previous work on extracting a feature vector from network packets using a histogram of hashed n-grams. The commercially available CogniMem CM1K device implements a version of the Restricted Coulomb Energy neural network classifier, which was used to classify the resulting feature vectors at high speed and low power. In this paper, we describe our feature extraction technique for network packets and the classification algorithm used by the CM1K chip, and present initial classification results on a fabricated test set. Despite the generality of the RCE algorithm and our ‘plug-in’ approach to the classification task, with no fine-tuning of the hardware to our problem domain, we obtain surprisingly good classification results even on highly imbalanced and restricted training sets.

Paper Details

Date Published: 22 May 2014
PDF: 16 pages
Proc. SPIE 9119, Machine Intelligence and Bio-inspired Computation: Theory and Applications VIII, 91190C (22 May 2014); doi: 10.1117/12.2052548
Show Author Affiliations
Garrett Payer, ICF International (United States)
Chris McCormick, CogniMem Technologies, Inc. (United States)
Richard Harang, ICF International (United States)
Bruce McCormick, CogniMem Technologies, Inc. (United States)


Published in SPIE Proceedings Vol. 9119:
Machine Intelligence and Bio-inspired Computation: Theory and Applications VIII
Misty Blowers; Jonathan Williams, Editor(s)

© SPIE. Terms of Use
Back to Top