TY - GEN
T1 - An anomaly intrusion detection system employing associative string processor
AU - Trabelsi, Zouheir
AU - Mahdy, Riham
PY - 2010
Y1 - 2010
N2 - The genetic material that encodes the unique characteristics of each individual, such as gender, eye color, and other human features, is the well-known Deoxyribonucleic acid (DNA). In this work, we introduce an anomaly intrusion detection system, built on the notion of a DNA sequence or gene, which is responsible for the normal network traffic patterns. Subsequently, the system detects suspicious activities by searching the "normal behavior DNA sequence" through string matching. Conversely, string matching is computationally intensive. As a result, we adopt a monitoring phase that is hardware implemented with the intention that DNA pattern matching is performed at wire-speed. Finally, we provide the details of our Field Programmable Gate Array (FPGA) implementation of the bioinformatics-based string matching technique. We show that the proposed microarchitecture can handle fixed-length patterns at a rate of more than one character per cycle.
AB - The genetic material that encodes the unique characteristics of each individual, such as gender, eye color, and other human features, is the well-known Deoxyribonucleic acid (DNA). In this work, we introduce an anomaly intrusion detection system, built on the notion of a DNA sequence or gene, which is responsible for the normal network traffic patterns. Subsequently, the system detects suspicious activities by searching the "normal behavior DNA sequence" through string matching. Conversely, string matching is computationally intensive. As a result, we adopt a monitoring phase that is hardware implemented with the intention that DNA pattern matching is performed at wire-speed. Finally, we provide the details of our Field Programmable Gate Array (FPGA) implementation of the bioinformatics-based string matching technique. We show that the proposed microarchitecture can handle fixed-length patterns at a rate of more than one character per cycle.
KW - Anomaly identification
KW - Bioinformatics
KW - CAM
KW - DNA computing
KW - FPGA
KW - Network Intrusion Detection
KW - Pattern matching
UR - http://www.scopus.com/inward/record.url?scp=77954288467&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=77954288467&partnerID=8YFLogxK
U2 - 10.1109/ICN.2010.42
DO - 10.1109/ICN.2010.42
M3 - Conference contribution
AN - SCOPUS:77954288467
SN - 9780769539799
T3 - 9th International Conference on Networks, ICN 2010
SP - 220
EP - 225
BT - 9th International Conference on Networks, ICN 2010
T2 - 9th International Conference on Networks, ICN 2010
Y2 - 11 April 2010 through 16 April 2010
ER -