Heterogeneous Hardware-based Network Intrusion Detection System with Multiple Approaches for SDN

Software-Defined Networking has became one of the most efficient network architectures to deal with complexity, policy control improvement, and vendor dependencies removal. Besides, with the diversity of network attacks, the SDN architecture faces many security issues that need to be taken into acco...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Veröffentlicht in:	Mobile networks and applications 2020-06, Vol.25 (3), p.1178-1192
Hauptverfasser:	Ngo, Duc-Minh, Pham-Quoc, Cuong, Thinh, Tran Ngoc
Format:	Artikel
Sprache:	eng
Schlagworte:	Central processing units Communications Engineering Computer architecture Computer Communication Networks CPUs Cybersecurity Design standards Electrical Engineering Engineering Field programmable gate arrays Intrusion detection systems IT in Business Lightweight Networks Neural networks Software-defined networking Switches Switching
Online-Zugang:	Volltext
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

container_end_page	1192
container_issue	3
container_start_page	1178
container_title	Mobile networks and applications
container_volume	25
creator	Ngo, Duc-Minh Pham-Quoc, Cuong Thinh, Tran Ngoc
description	Software-Defined Networking has became one of the most efficient network architectures to deal with complexity, policy control improvement, and vendor dependencies removal. Besides, with the diversity of network attacks, the SDN architecture faces many security issues that need to be taken into account. In this work, we propose an architecture for SDN-based secured forwarding devices (switches) by extending our previous architecture - HPOFS with multiple security functions including lightweight DDoS mechanisms, signature-based and anomaly-based IDS. We implement our architecture on a heterogeneous system including host processors, GPU, and FPGA boards. To the best of our knowledge, this is the first forwarding device for SDN implemented on a heterogeneous system in the literature. Our system not only is enhanced security but also provides a high-speed switching capacity based on the OpenFlow standard. The implemented design on GTX Geforce 1080 G1 for training phase is 14× faster when compared to CPU Intel Core i7 – 4770, 3.4GHz, 16GB of RAM on the Ubuntu version 14.04. The switching function along with three lightweight DDoS detection/prevention mechanisms provide processing speed at 39.48 Gbps on a NetFPGA-10G board (with a Xilinx xc5vtx240t FPGA device). Especially, our neural network models on the NetFPGA-10G board outperform CPU in processing performance by reaching throughputs at 4.84 Gbps. Moreover, the implemented neural network model achieves 99.01% precision with only 0.02% false positive rate when processing a dataset.
doi_str_mv	10.1007/s11036-019-01437-x
format	Article
fullrecord	<record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2408451815</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2408451815</sourcerecordid><originalsourceid>FETCH-LOGICAL-c319t-3f3993e3f725f2d9f73ba78c51a1be88a7b3d07a59a5ef0be8ebe9123240f08e3</originalsourceid><addsrcrecordid>eNp9kEFPAjEQhRujiYj-AU9NPFfb7ZZujwRUSFAPaOKtdnensAi72HYD_HuLa-LNw2Qmk_feTD6Erhm9ZZTKO88Y5QNCmYqVckn2J6jHhExIxgQ_jTPPOEkH6v0cXXi_opQKkaU99DGBAK5ZQA1N6_HEuHJnHJDceCjxM4Rd4z7xtA6u9VVT43GUF-E4zQ8-wAbvqrDET-06VNs14OF26xpTLMFj2zg8Hz9fojNr1h6ufnsfvT3cv44mZPbyOB0NZ6TgTAXCLVeKA7cyETYplZU8NzIrBDMshywzMucllUYoI8DSuIIcFEt4klJLM-B9dNPlxge-WvBBr5rW1fGkjpIsFexIoo-STlW4xnsHVm9dtTHuoBnVR5K6I6kjSf1DUu-jiXcmH8X1Atxf9D-ub_PFeFw</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2408451815</pqid></control><display><type>article</type><title>Heterogeneous Hardware-based Network Intrusion Detection System with Multiple Approaches for SDN</title><source>Springer Nature - Complete Springer Journals</source><creator>Ngo, Duc-Minh ; Pham-Quoc, Cuong ; Thinh, Tran Ngoc</creator><creatorcontrib>Ngo, Duc-Minh ; Pham-Quoc, Cuong ; Thinh, Tran Ngoc</creatorcontrib><description>Software-Defined Networking has became one of the most efficient network architectures to deal with complexity, policy control improvement, and vendor dependencies removal. Besides, with the diversity of network attacks, the SDN architecture faces many security issues that need to be taken into account. In this work, we propose an architecture for SDN-based secured forwarding devices (switches) by extending our previous architecture - HPOFS with multiple security functions including lightweight DDoS mechanisms, signature-based and anomaly-based IDS. We implement our architecture on a heterogeneous system including host processors, GPU, and FPGA boards. To the best of our knowledge, this is the first forwarding device for SDN implemented on a heterogeneous system in the literature. Our system not only is enhanced security but also provides a high-speed switching capacity based on the OpenFlow standard. The implemented design on GTX Geforce 1080 G1 for training phase is 14× faster when compared to CPU Intel Core i7 – 4770, 3.4GHz, 16GB of RAM on the Ubuntu version 14.04. The switching function along with three lightweight DDoS detection/prevention mechanisms provide processing speed at 39.48 Gbps on a NetFPGA-10G board (with a Xilinx xc5vtx240t FPGA device). Especially, our neural network models on the NetFPGA-10G board outperform CPU in processing performance by reaching throughputs at 4.84 Gbps. Moreover, the implemented neural network model achieves 99.01% precision with only 0.02% false positive rate when processing a dataset.</description><identifier>ISSN: 1383-469X</identifier><identifier>EISSN: 1572-8153</identifier><identifier>DOI: 10.1007/s11036-019-01437-x</identifier><language>eng</language><publisher>New York: Springer US</publisher><subject>Central processing units ; Communications Engineering ; Computer architecture ; Computer Communication Networks ; CPUs ; Cybersecurity ; Design standards ; Electrical Engineering ; Engineering ; Field programmable gate arrays ; Intrusion detection systems ; IT in Business ; Lightweight ; Networks ; Neural networks ; Software-defined networking ; Switches ; Switching</subject><ispartof>Mobile networks and applications, 2020-06, Vol.25 (3), p.1178-1192</ispartof><rights>Springer Science+Business Media, LLC, part of Springer Nature 2019</rights><rights>Springer Science+Business Media, LLC, part of Springer Nature 2019.</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c319t-3f3993e3f725f2d9f73ba78c51a1be88a7b3d07a59a5ef0be8ebe9123240f08e3</citedby><cites>FETCH-LOGICAL-c319t-3f3993e3f725f2d9f73ba78c51a1be88a7b3d07a59a5ef0be8ebe9123240f08e3</cites><orcidid>0000-0003-2917-1244</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://link.springer.com/content/pdf/10.1007/s11036-019-01437-x$$EPDF$$P50$$Gspringer$$H</linktopdf><linktohtml>$$Uhttps://link.springer.com/10.1007/s11036-019-01437-x$$EHTML$$P50$$Gspringer$$H</linktohtml><link.rule.ids>314,776,780,27901,27902,41464,42533,51294</link.rule.ids></links><search><creatorcontrib>Ngo, Duc-Minh</creatorcontrib><creatorcontrib>Pham-Quoc, Cuong</creatorcontrib><creatorcontrib>Thinh, Tran Ngoc</creatorcontrib><title>Heterogeneous Hardware-based Network Intrusion Detection System with Multiple Approaches for SDN</title><title>Mobile networks and applications</title><addtitle>Mobile Netw Appl</addtitle><description>Software-Defined Networking has became one of the most efficient network architectures to deal with complexity, policy control improvement, and vendor dependencies removal. Besides, with the diversity of network attacks, the SDN architecture faces many security issues that need to be taken into account. In this work, we propose an architecture for SDN-based secured forwarding devices (switches) by extending our previous architecture - HPOFS with multiple security functions including lightweight DDoS mechanisms, signature-based and anomaly-based IDS. We implement our architecture on a heterogeneous system including host processors, GPU, and FPGA boards. To the best of our knowledge, this is the first forwarding device for SDN implemented on a heterogeneous system in the literature. Our system not only is enhanced security but also provides a high-speed switching capacity based on the OpenFlow standard. The implemented design on GTX Geforce 1080 G1 for training phase is 14× faster when compared to CPU Intel Core i7 – 4770, 3.4GHz, 16GB of RAM on the Ubuntu version 14.04. The switching function along with three lightweight DDoS detection/prevention mechanisms provide processing speed at 39.48 Gbps on a NetFPGA-10G board (with a Xilinx xc5vtx240t FPGA device). Especially, our neural network models on the NetFPGA-10G board outperform CPU in processing performance by reaching throughputs at 4.84 Gbps. Moreover, the implemented neural network model achieves 99.01% precision with only 0.02% false positive rate when processing a dataset.</description><subject>Central processing units</subject><subject>Communications Engineering</subject><subject>Computer architecture</subject><subject>Computer Communication Networks</subject><subject>CPUs</subject><subject>Cybersecurity</subject><subject>Design standards</subject><subject>Electrical Engineering</subject><subject>Engineering</subject><subject>Field programmable gate arrays</subject><subject>Intrusion detection systems</subject><subject>IT in Business</subject><subject>Lightweight</subject><subject>Networks</subject><subject>Neural networks</subject><subject>Software-defined networking</subject><subject>Switches</subject><subject>Switching</subject><issn>1383-469X</issn><issn>1572-8153</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2020</creationdate><recordtype>article</recordtype><sourceid>BENPR</sourceid><recordid>eNp9kEFPAjEQhRujiYj-AU9NPFfb7ZZujwRUSFAPaOKtdnensAi72HYD_HuLa-LNw2Qmk_feTD6Erhm9ZZTKO88Y5QNCmYqVckn2J6jHhExIxgQ_jTPPOEkH6v0cXXi_opQKkaU99DGBAK5ZQA1N6_HEuHJnHJDceCjxM4Rd4z7xtA6u9VVT43GUF-E4zQ8-wAbvqrDET-06VNs14OF26xpTLMFj2zg8Hz9fojNr1h6ufnsfvT3cv44mZPbyOB0NZ6TgTAXCLVeKA7cyETYplZU8NzIrBDMshywzMucllUYoI8DSuIIcFEt4klJLM-B9dNPlxge-WvBBr5rW1fGkjpIsFexIoo-STlW4xnsHVm9dtTHuoBnVR5K6I6kjSf1DUu-jiXcmH8X1Atxf9D-ub_PFeFw</recordid><startdate>20200601</startdate><enddate>20200601</enddate><creator>Ngo, Duc-Minh</creator><creator>Pham-Quoc, Cuong</creator><creator>Thinh, Tran Ngoc</creator><general>Springer US</general><general>Springer Nature B.V</general><scope>AAYXX</scope><scope>CITATION</scope><scope>3V.</scope><scope>7SC</scope><scope>7SP</scope><scope>7WY</scope><scope>7WZ</scope><scope>7XB</scope><scope>87Z</scope><scope>8AL</scope><scope>8AO</scope><scope>8FD</scope><scope>8FE</scope><scope>8FG</scope><scope>8FK</scope><scope>8FL</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>ARAPS</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BEZIV</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>FRNLG</scope><scope>F~G</scope><scope>GNUQQ</scope><scope>HCIFZ</scope><scope>JQ2</scope><scope>K60</scope><scope>K6~</scope><scope>K7-</scope><scope>L.-</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><scope>M0C</scope><scope>M0N</scope><scope>P5Z</scope><scope>P62</scope><scope>PHGZM</scope><scope>PHGZT</scope><scope>PKEHL</scope><scope>PQBIZ</scope><scope>PQBZA</scope><scope>PQEST</scope><scope>PQGLB</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><scope>Q9U</scope><orcidid>https://orcid.org/0000-0003-2917-1244</orcidid></search><sort><creationdate>20200601</creationdate><title>Heterogeneous Hardware-based Network Intrusion Detection System with Multiple Approaches for SDN</title><author>Ngo, Duc-Minh ; Pham-Quoc, Cuong ; Thinh, Tran Ngoc</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c319t-3f3993e3f725f2d9f73ba78c51a1be88a7b3d07a59a5ef0be8ebe9123240f08e3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2020</creationdate><topic>Central processing units</topic><topic>Communications Engineering</topic><topic>Computer architecture</topic><topic>Computer Communication Networks</topic><topic>CPUs</topic><topic>Cybersecurity</topic><topic>Design standards</topic><topic>Electrical Engineering</topic><topic>Engineering</topic><topic>Field programmable gate arrays</topic><topic>Intrusion detection systems</topic><topic>IT in Business</topic><topic>Lightweight</topic><topic>Networks</topic><topic>Neural networks</topic><topic>Software-defined networking</topic><topic>Switches</topic><topic>Switching</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Ngo, Duc-Minh</creatorcontrib><creatorcontrib>Pham-Quoc, Cuong</creatorcontrib><creatorcontrib>Thinh, Tran Ngoc</creatorcontrib><collection>CrossRef</collection><collection>ProQuest Central (Corporate)</collection><collection>Computer and Information Systems Abstracts</collection><collection>Electronics & Communications Abstracts</collection><collection>ABI/INFORM Collection</collection><collection>ABI/INFORM Global (PDF only)</collection><collection>ProQuest Central (purchase pre-March 2016)</collection><collection>ABI/INFORM Global (Alumni Edition)</collection><collection>Computing Database (Alumni Edition)</collection><collection>ProQuest Pharma Collection</collection><collection>Technology Research Database</collection><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>ProQuest Central (Alumni) (purchase pre-March 2016)</collection><collection>ABI/INFORM Collection (Alumni Edition)</collection><collection>ProQuest Central (Alumni Edition)</collection><collection>ProQuest Central UK/Ireland</collection><collection>Advanced Technologies & Aerospace Collection</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Central</collection><collection>Business Premium Collection</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>Business Premium Collection (Alumni)</collection><collection>ABI/INFORM Global (Corporate)</collection><collection>ProQuest Central Student</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Computer Science Collection</collection><collection>ProQuest Business Collection (Alumni Edition)</collection><collection>ProQuest Business Collection</collection><collection>Computer Science Database</collection><collection>ABI/INFORM Professional Advanced</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><collection>ABI/INFORM Global</collection><collection>Computing Database</collection><collection>Advanced Technologies & Aerospace Database</collection><collection>ProQuest Advanced Technologies & Aerospace Collection</collection><collection>ProQuest Central (New)</collection><collection>ProQuest One Academic (New)</collection><collection>ProQuest One Academic Middle East (New)</collection><collection>ProQuest One Business</collection><collection>ProQuest One Business (Alumni)</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Applied & Life Sciences</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><collection>ProQuest Central Basic</collection><jtitle>Mobile networks and applications</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Ngo, Duc-Minh</au><au>Pham-Quoc, Cuong</au><au>Thinh, Tran Ngoc</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Heterogeneous Hardware-based Network Intrusion Detection System with Multiple Approaches for SDN</atitle><jtitle>Mobile networks and applications</jtitle><stitle>Mobile Netw Appl</stitle><date>2020-06-01</date><risdate>2020</risdate><volume>25</volume><issue>3</issue><spage>1178</spage><epage>1192</epage><pages>1178-1192</pages><issn>1383-469X</issn><eissn>1572-8153</eissn><abstract>Software-Defined Networking has became one of the most efficient network architectures to deal with complexity, policy control improvement, and vendor dependencies removal. Besides, with the diversity of network attacks, the SDN architecture faces many security issues that need to be taken into account. In this work, we propose an architecture for SDN-based secured forwarding devices (switches) by extending our previous architecture - HPOFS with multiple security functions including lightweight DDoS mechanisms, signature-based and anomaly-based IDS. We implement our architecture on a heterogeneous system including host processors, GPU, and FPGA boards. To the best of our knowledge, this is the first forwarding device for SDN implemented on a heterogeneous system in the literature. Our system not only is enhanced security but also provides a high-speed switching capacity based on the OpenFlow standard. The implemented design on GTX Geforce 1080 G1 for training phase is 14× faster when compared to CPU Intel Core i7 – 4770, 3.4GHz, 16GB of RAM on the Ubuntu version 14.04. The switching function along with three lightweight DDoS detection/prevention mechanisms provide processing speed at 39.48 Gbps on a NetFPGA-10G board (with a Xilinx xc5vtx240t FPGA device). Especially, our neural network models on the NetFPGA-10G board outperform CPU in processing performance by reaching throughputs at 4.84 Gbps. Moreover, the implemented neural network model achieves 99.01% precision with only 0.02% false positive rate when processing a dataset.</abstract><cop>New York</cop><pub>Springer US</pub><doi>10.1007/s11036-019-01437-x</doi><tpages>15</tpages><orcidid>https://orcid.org/0000-0003-2917-1244</orcidid></addata></record>
fulltext	fulltext
identifier	ISSN: 1383-469X
ispartof	Mobile networks and applications, 2020-06, Vol.25 (3), p.1178-1192
issn	1383-469X 1572-8153
language	eng
recordid	cdi_proquest_journals_2408451815
source	Springer Nature - Complete Springer Journals
subjects	Central processing units Communications Engineering Computer architecture Computer Communication Networks CPUs Cybersecurity Design standards Electrical Engineering Engineering Field programmable gate arrays Intrusion detection systems IT in Business Lightweight Networks Neural networks Software-defined networking Switches Switching
title	Heterogeneous Hardware-based Network Intrusion Detection System with Multiple Approaches for SDN
url	https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-20T20%3A12%3A46IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Heterogeneous%20Hardware-based%20Network%20Intrusion%20Detection%20System%20with%20Multiple%20Approaches%20for%20SDN&rft.jtitle=Mobile%20networks%20and%20applications&rft.au=Ngo,%20Duc-Minh&rft.date=2020-06-01&rft.volume=25&rft.issue=3&rft.spage=1178&rft.epage=1192&rft.pages=1178-1192&rft.issn=1383-469X&rft.eissn=1572-8153&rft_id=info:doi/10.1007/s11036-019-01437-x&rft_dat=%3Cproquest_cross%3E2408451815%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2408451815&rft_id=info:pmid/&rfr_iscdi=true