Name
Abstract | ||
|---|---|---|
With the onset of Gigabit networks, current generation networking components will soon be insufficient for numerous reasons: most notably because existing methods cannot support high performance demands. Feature extraction (or flow monitoring), an essential component in anomaly detection, summarizes network behavior from a packet stream. This information is fed into intrusion detection methods such as association rule mining, outlier analysis, and classification algorithms in order to characterize network behavior. However, current feature extraction methods based on per-flow analysis are expensive, not scalable, and thus prohibitive for large-scale networks. In this paper, we propose an accurate and scalable Feature Extraction Module (FEM) based on sketches. We present the details of the FEM design on an FPGA and show that using FPGAs we can achieve significantly better performance compared to existing software and ASIC implementations. Specifically, the optimal FEM configuration achieves 20.18 Gbps throughput and 97.61% accuracy. |
Year | DOI | Venue |
|---|---|---|
2005 | 10.1109/FPL.2005.1515761 | FPL |
Keywords | Field | DocType |
intrusion detection,feature extraction,data mining,flow analysis,field programmable gate arrays,real time,association rule mining,anomaly detection,network analysis | Gigabit,Anomaly detection,Computer science,Network packet,Real-time computing,Feature extraction,Throughput,Network analysis,Intrusion detection system,Scalability | Conference |
Citations | PageRank | References |
8 | 0.83 | 16 |
Authors | ||
4 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| David Nguyen | 1 | 263 | 19.09 |
| Gokhan Memik | 2 | 1694 | 111.88 |
| Seda Öǧrenci Memik | 3 | 488 | 42.57 |
| Alok N. Choudhary | 4 | 3441 | 326.32 |