RIDE: Real-time Intrusion Detection via Explainable Machine Learning Implemented in a Memristor Hardware Architecture

dc.contributor.authorChen, Jingdi
dc.contributor.authorZhang, Lei
dc.contributor.authorRiem, Joseph
dc.contributor.authorAdam, Gina
dc.contributor.authorBastian, Nathaniel D.
dc.contributor.authorLan, Tian
dc.date.accessioned2023-12-19T13:32:04Z
dc.date.available2023-12-19T13:32:04Z
dc.date.issued2023-11-07
dc.description.abstractDeep Learning (DL) based methods have shown great promise in network intrusion detection by identifying malicious network traffic behavior patterns with high accuracy, but their applications to real-time, packet-level detections in highspeed communication networks are challenging due to the high computation time and resource requirements of Deep Neural Networks (DNNs), as well as lack of explainability. To this end, we propose a packet-level network intrusion detection solution that makes novel use of Recurrent Autoencoders to integrate an arbitrary-length sequence of packets into a more compact joint feature embedding, which is fed into a DNN-based classifier. To enable explainability and support real-time detections at micro-second speed, we further develop a Software-Hardware Co-Design approach to efficiently realize the proposed solution by converting the learned detection policies into decision trees and implementing them using an emerging architecture based on memristor devices. By jointly optimizing associated software and hardware constraints, we show that our approach leads to an extremely efficient, real-time solution with high detection accuracy at the packet level. Evaluation results on real-world datasets (e.g., UNSW and CIC-IDS datasets) demonstrate nearly three-nines detection accuracy with a substantial speedup of nearly four orders of magnitude.
dc.description.sponsorshipArmy Cyber Institute
dc.identifier.citationJ. Chen, L. Zhang, J. Riem, G. Adam, N. D. Bastian and T. Lan, "RIDE: Real-time Intrusion Detection via Explainable Machine Learning Implemented in a Memristor Hardware Architecture," 2023 IEEE Conference on Dependable and Secure Computing (DSC), Tampa, FL, USA, 2023, pp. 1-8, doi: 10.1109/DSC61021.2023.10354120.
dc.identifier.doihttps://doi.org/10.1109/DSC61021.2023.10354120
dc.identifier.urihttps://hdl.handle.net/20.500.14216/1462
dc.publisherIEEE
dc.relation.ispartof2023 IEEE Conference on Dependable and Secure Computing (DSC)
dc.subjectMachine Learning
dc.subjectMemristors
dc.subjectNetwork Intrusion Detection
dc.subjectComputer architecture
dc.subjectTelecommunication traffic
dc.subjectFeature extraction
dc.subjectHardware
dc.titleRIDE: Real-time Intrusion Detection via Explainable Machine Learning Implemented in a Memristor Hardware Architecture
dc.typeproceedings-article
local.USMAemailnathaniel.bastian@westpoint.edu
local.peerReviewedYes

Files