RIDE: Real-time Intrusion Detection via Explainable Machine Learning Implemented in a Memristor Hardware Architecture
dc.contributor.author | Chen, Jingdi | |
dc.contributor.author | Zhang, Lei | |
dc.contributor.author | Riem, Joseph | |
dc.contributor.author | Adam, Gina | |
dc.contributor.author | Bastian, Nathaniel D. | |
dc.contributor.author | Lan, Tian | |
dc.date.accessioned | 2023-12-19T13:32:04Z | |
dc.date.available | 2023-12-19T13:32:04Z | |
dc.date.issued | 2023-11-07 | |
dc.description.abstract | Deep Learning (DL) based methods have shown great promise in network intrusion detection by identifying malicious network traffic behavior patterns with high accuracy, but their applications to real-time, packet-level detections in highspeed communication networks are challenging due to the high computation time and resource requirements of Deep Neural Networks (DNNs), as well as lack of explainability. To this end, we propose a packet-level network intrusion detection solution that makes novel use of Recurrent Autoencoders to integrate an arbitrary-length sequence of packets into a more compact joint feature embedding, which is fed into a DNN-based classifier. To enable explainability and support real-time detections at micro-second speed, we further develop a Software-Hardware Co-Design approach to efficiently realize the proposed solution by converting the learned detection policies into decision trees and implementing them using an emerging architecture based on memristor devices. By jointly optimizing associated software and hardware constraints, we show that our approach leads to an extremely efficient, real-time solution with high detection accuracy at the packet level. Evaluation results on real-world datasets (e.g., UNSW and CIC-IDS datasets) demonstrate nearly three-nines detection accuracy with a substantial speedup of nearly four orders of magnitude. | |
dc.description.sponsorship | Army Cyber Institute | |
dc.identifier.citation | J. Chen, L. Zhang, J. Riem, G. Adam, N. D. Bastian and T. Lan, "RIDE: Real-time Intrusion Detection via Explainable Machine Learning Implemented in a Memristor Hardware Architecture," 2023 IEEE Conference on Dependable and Secure Computing (DSC), Tampa, FL, USA, 2023, pp. 1-8, doi: 10.1109/DSC61021.2023.10354120. | |
dc.identifier.doi | https://doi.org/10.1109/DSC61021.2023.10354120 | |
dc.identifier.uri | https://hdl.handle.net/20.500.14216/1462 | |
dc.publisher | IEEE | |
dc.relation.ispartof | 2023 IEEE Conference on Dependable and Secure Computing (DSC) | |
dc.subject | Machine Learning | |
dc.subject | Memristors | |
dc.subject | Network Intrusion Detection | |
dc.subject | Computer architecture | |
dc.subject | Telecommunication traffic | |
dc.subject | Feature extraction | |
dc.subject | Hardware | |
dc.title | RIDE: Real-time Intrusion Detection via Explainable Machine Learning Implemented in a Memristor Hardware Architecture | |
dc.type | proceedings-article | |
local.USMAemail | nathaniel.bastian@westpoint.edu | |
local.peerReviewed | Yes |