Skip to main content
Springer Nature Link
Log in

Reconfigurable Edge Hardware for Intelligent IDS: Systematic Approach

  • Conference paper
  • First Online:
Applied Reconfigurable Computing. Architectures, Tools, and Applications (ARC 2024)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14553))

Included in the following conference series:

Abstract

Intrusion detection systems (IDS) are crucial security measures nowadays to enforce network security. Their task is to detect anomalies in network communication and identify, if not thwart, possibly malicious behavior. Recently, machine learning has been deployed to construct intelligent IDS. This approach, however, is quite challenging particularly in distributed, highly dynamic, yet resource-constrained systems like Edge setups. In this paper, we tackle this issue from multiple angles by analyzing the concept of intelligent IDS (I-IDS) while addressing the specific requirements of Edge devices with a special focus on reconfigurability. Then, we introduce a systematic approach to constructing the I-IDS on reconfigurable Edge hardware. For this, we implemented our proposed IDS on state-of-the-art Field Programmable Gate Arrays (FPGAs) technology as (1) a purely FPGA-based dataflow processor (DFP) and (2) a co-designed approach featuring RISC-V soft-core as FPGA-based soft-core processor (SCP). We complete our paper with a comparison of the state of the art (SoA) in this domain. The results show that DFP and SCP are both suitable for Edge applications from hardware resource and energy efficiency perspectives. Our proposed DFP solution clearly outperforms the SoA and demonstrates that required high performance can be achieved without prohibitively high hardware costs. This makes our proposed DFP suitable for Edge-based high-speed applications like modern communication technology.

This work has been partially funded by the German Ministry of Education and Research (BMBF) via project RILKOSAN (16KISR010K) and partially via project SILGENTAS (16KIS1837).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    $ riscv64-unknown-elf-gcc -std=gnu99 -O2 -Wall -lm -fno-common -fno-builtin-printf -specs=htifnano.specs $ riscv64-unknown-elf-gcc -static -T riscv64-unknown-elf/lib/htif.ld -lm.

References

  1. Amid, A., et al.: Chipyard: integrated design, simulation, and implementation framework for custom SoCS. IEEE Micro 40(4), 10–21 (2020). https://doi.org/10.1109/MM.2020.2996616

    Article  Google Scholar 

  2. Amon, C., Shinder, T.W., Carasik-Henmi, A.: Introducing snort. In: The Best Damn Firewall Book Period, pp. 1183–1208. Syngress, Burlington (2003). https://doi.org/10.1016/B978-193183690-6/50070-4

  3. Asanović, K., et al.: The rocket chip generator. Technical report, UCB/EECS-2016-17, EECS Department, University of California, Berkeley, April 2016

    Google Scholar 

  4. Azad, T.B.: Locking down your XenApp server. In: Azad, T.B. (ed.) Securing Citrix Presentation Server in the Enterprise, pp. 487–555. Syngress, Burlington (2008). https://doi.org/10.1016/B978-1-59749-281-2.00007-X

  5. Babu, P., Parthasarathy, E.: Reconfigurable FPGA architectures: a survey and applications. J. Inst. Eng. Ser. B 102, 143–156 (2021)

    Article  Google Scholar 

  6. Blott, M., et al.: Evaluation of optimized CNNs on FPGA and Non-FPGA based accelerators using a novel benchmarking approach. In: Proceedings of the 2020 ACM/SIGDA International Symposium on Field-Programmable Gate Arrays, FPGA 2020, p. 317. Association for Computing Machinery, New York, NY, USA (2020). https://doi.org/10.1145/3373087.3375348

  7. Bouazzati, M.E., Tessier, R., Tanguy, P., Gogniat, G.: A lightweight intrusion detection system against IoT memory corruption attacks. In: 2023 26th International Symposium on Design and Diagnostics of Electronic Circuits and Systems (DDECS), pp. 118–123 (2023). https://doi.org/10.1109/DDECS57882.2023.10139718

  8. Brewster, T.: How hacked cameras are helping launch the biggest attacks the internet has ever seen. Forbes (2016). https://www.forbes.com/sites/thomasbrewster/2016/09/25/brian-krebs-overwatch-ovh-smashed-by-largest-ddos-attacks-ever/

  9. Cai, B., Xie, S., Liang, Q., Lu, W.: Research on penetration testing of IoT gateway based on RISC-V. In: 2022 International Symposium on Advances in Informatics, Electronics and Education (ISAIEE), pp. 422–425 (2022). https://doi.org/10.1109/ISAIEE57420.2022.00093

  10. Chander, V.N., Varghese, K.: A soft RISC-V vector processor for edge-AI. In: 2022 35th International Conference on VLSI Design and 2022 21st International Conference on Embedded Systems (VLSID), pp. 263–268 (2022). https://doi.org/10.1109/VLSID2022.2022.00058

  11. Chen, W.H., Hsu, S.H., Shen, H.P.: Application of SVM and ANN for intrusion detection. Comput. Oper. Res. 32(10), 2617–2634 (2005)

    Article  Google Scholar 

  12. Denning, D.E.: An intrusion-detection model. IEEE Trans. Softw. Eng. SE-13(2), 222–232 (1987)

    Google Scholar 

  13. Disha, R.A., Waheed, S.: Performance analysis of machine learning models for intrusion detection system using Gini impurity-based weighted random forest (GIWRF) feature selection technique. Cybersecurity 5(1), 1 (2022)

    Article  Google Scholar 

  14. Hutchings, B., Franklin, R., Carver, D.: Assisting network intrusion detection with reconfigurable hardware. In: Proceedings. 10th Annual IEEE Symposium on Field-Programmable Custom Computing Machines, pp. 111–120 (2002). https://doi.org/10.1109/FPGA.2002.1106666

  15. Ioannou, L., Fahmy, S.A.: Network intrusion detection using neural networks on FPGA SoCS. In: 2019 29th International Conference on Field Programmable Logic and Applications (FPL), pp. 232–238. IEEE (2019)

    Google Scholar 

  16. Kimura, Y., Ootsu, K., Tsuchiya, T., Yokota, T.: Development of RISC-V based soft-core processor with scalable vector extension for embedded system. In: Proceedings of the the 8th International Virtual Conference on Applied Computing & Information Technology, ACIT 2021, pp. 13–18. Association for Computing Machinery, New York, NY, USA (2021). https://doi.org/10.1145/3468081.3471061

  17. Koc, L., Mazzuchi, T.A., Sarkani, S.: A network intrusion detection system based on a hidden Naïve Bayes multiclass classifier. Expert Syst. Appl. 39(18), 13492–13500 (2012)

    Article  Google Scholar 

  18. Koroniotis, N., Moustafa, N., Sitnikova, E., Turnbull, B.: Towards the development of realistic botnet dataset in the internet of things for network forensic analytics: Bot-IoT dataset. Futur. Gener. Comput. Syst. 100, 779–796 (2019)

    Article  Google Scholar 

  19. Kuon, I., Rose, J.: Measuring the gap between FPGAs and ASICs. In: Proceedings of the 2006 ACM/SIGDA 14th International Symposium on Field Programmable Gate Arrays, pp. 21–30 (2006)

    Google Scholar 

  20. Le Jeune, L., Goedemé, T., Mentens, N.: Towards real-time deep learning-based network intrusion detection on FPGA. In: Zhou, J., et al. (eds.) ACNS 2021. LNCS, vol. 12809, pp. 133–150. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-81645-2_9

    Chapter  Google Scholar 

  21. Liang, Q., Xie, S., Cai, B.: Intelligent home IoT intrusion detection system based on RISC-V. In: 2023 IEEE 3rd International Conference on Power, Electronics and Computer Applications (ICPECA), pp. 296–300 (2023). https://doi.org/10.1109/ICPECA56706.2023.10076248

  22. Mishra, A.: Evaluating machine learning models, pp. 115–132. John Wiley and Sons, Ltd. (2019). https://doi.org/10.1002/9781119556749.ch5

  23. Moustafa, N., Slay, J.: UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: 2015 Military Communications and Information Systems Conference (MilCIS), pp. 1–6 (2015). https://doi.org/10.1109/MilCIS.2015.7348942

  24. Müller, A.C., Guido, S.: Introduction to Machine Learning with Python: A Guide for Data Scientists. O’Reilly Media, Inc. (2016)

    Google Scholar 

  25. Nechi, A., Groth, L., Mulhem, S., Merchant, F., Buchty, R., Berekovic, M.: FPGA-based deep learning inference accelerators: where are we standing? ACM Trans. Reconfigurable Technol. Syst. 16(4) (2023). https://doi.org/10.1145/3613963

  26. Ngo, D.-M., Tran-Thanh, B., Dang, T., Tran, T., Thinh, T.N., Pham-Quoc, C.: High-throughput machine learning approaches for network attacks detection on FPGA. In: Vinh, P.C., Rakib, A. (eds.) ICCASA/ICTCC -2019. LNICST, vol. 298, pp. 47–60. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-34365-1_5

    Chapter  Google Scholar 

  27. Node-RED: Low-code programming for event-driven applications (2021). https://nodered.org/

  28. QOSIENT, LLC: Argus (2023). https://openargus.org/

  29. Sha, K., Yang, T.A., Wei, W., Davari, S.: A survey of edge computing-based designs for IoT security. Digit. Commun. Netw. 6(2), 195–202 (2020)

    Article  Google Scholar 

  30. Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: 4th International Conference on Information Systems Security and Privacy (ICISSP), Portugal (2018)

    Google Scholar 

  31. Umuroglu, Y., Akhauri, Y., Fraser, N.J., Blott, M.: LogicNets: co-designed neural networks and circuits for extreme-throughput applications. In: 2020 30th International Conference on Field-Programmable Logic and Applications (FPL), pp. 291–297 (2020). https://doi.org/10.1109/FPL50879.2020.00055

  32. Vasilomanolakis, E., Karuppayah, S., Mühlhäuser, M., Fischer, M.: Taxonomy and survey of collaborative intrusion detection. ACM Comput. Surv. (CSUR) 47(4), 1–33 (2015)

    Article  Google Scholar 

  33. Wang, T., Wang, C., Zhou, X., Chen, H.: An overview of FPGA based deep learning accelerators: challenges and opportunities. In: 2019 IEEE 21st International Conference on High Performance Computing and Communications; IEEE 17th International Conference on Smart City; IEEE 5th International Conference on Data Science and Systems (HPCC/SmartCity/DSS), pp. 1674–1681 (2019). https://doi.org/10.1109/HPCC/SmartCity/DSS.2019.00229

  34. Waterman, A.: Design of the RISC-V instruction set architecture. Ph.D. thesis, EECS Department, University of California, Berkeley, January 2016. https://www2.eecs.berkeley.edu/Pubs/TechRpts/2016/EECS-2016-1.html

  35. Yiannacouras, P., Steffan, J.G., Rose, J.: VESPA: portable, scalable, and flexible FPGA-based vector processors. In: Proceedings of the 2008 International Conference on Compilers, Architectures and Synthesis for Embedded Systems, CASES 2008, pp. 61–70. Association for Computing Machinery, New York, NY, USA (2008). https://doi.org/10.1145/1450095.1450107

  36. Zhao, R.: NSL-KDD (2022). https://doi.org/10.21227/8rpg-qt98

Download references

Author information

Authors and Affiliations

  1. Institute of Computer Engineering (ITI), Universität zu Lübeck, Lübeck, Germany

    Wadid Foudhaili, Anouar Nechi, Celine Thermann, Mohammad Al Johmani, Rainer Buchty, Mladen Berekovic & Saleh Mulhem

Authors
  1. Wadid Foudhaili
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Anouar Nechi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Celine Thermann
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Mohammad Al Johmani
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Rainer Buchty
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Mladen Berekovic
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Saleh Mulhem
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Wadid Foudhaili .

Editor information

Editors and Affiliations

  1. University of Aveiro, Aveiro, Portugal

    Iouliia Skliarova

  2. University of Seville, Sevilla, Spain

    Piedad Brox Jiménez

  3. Instituto Superior de Engenharia de Lisb, Lisbon, Portugal

    Mário Véstias

  4. University of Porto, Porto, Portugal

    Pedro C. Diniz

Ethics declarations

Disclosure of Interests

The authors have no competing interests to declare that are relevant to the content of this article.

Rights and permissions

Reprints and permissions

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Foudhaili, W. et al. (2024). Reconfigurable Edge Hardware for Intelligent IDS: Systematic Approach. In: Skliarova, I., Brox Jiménez, P., Véstias, M., Diniz, P.C. (eds) Applied Reconfigurable Computing. Architectures, Tools, and Applications. ARC 2024. Lecture Notes in Computer Science, vol 14553. Springer, Cham. https://doi.org/10.1007/978-3-031-55673-9_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-55673-9_4

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-55672-2

  • Online ISBN: 978-3-031-55673-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics