JointNIDS: Efficient Joint Traffic Management for On-Device Network Intrusion Detection
- Authors
- Dao, Thi-Nga; Lee, HyungJune
- Ewha Authors
- 이형준
- SCOPUS Author ID
- 이형준
- Issue Date
- 2022
- Journal Title
- IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY
- ISSN
- 0018-9545; 1939-9359
- Citation
- IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY vol. 71, no. 12, pp. 13254 - 13265
- Keywords
- Anomaly Classification; joint detection; On-Device AI; network intrusion detection system
- Publisher
- IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
- Indexed
- SCIE; SCOPUS
- Document Type
- Article
- Abstract
- Data plane programmability enables the embedding of a network intrusion detection system (NIDS) on programmable switches to dynamically control the efficiency of attack type detection and the overhead on the computation and network side. However, it is challenging to implement a feasible embedded detection model with advanced machine learning techniques such as deep learning. This is due to the limited support provided by programming languages on the data plane and the computing resource constraints at the edge. We propose a joint traffic classification architecture called JointNIDS that splits a classification model into two sequential sub-models. In this model, the primary switch is dedicated to major attack classification. The secondary switch is used mainly for a further in-depth inspection of the rest of the minor traffic types. The presence of some partially overlapping hidden units in the two sequential switches can help to reduce the computational overhead at the edge, while increasing the packet inspection throughput. Experimental results on the P4 framework demonstrate that JointNIDS reduces attack detection time while achieving accuracy similar to that of other counterpart algorithms. To further develop the proposed architecture, JointNIDS implements an optimization step. It maximizes the amount of data to be inspected by a system, taking into account the constraints of computing resources and network bandwidth for a given performance requirement. We validate the effectiveness of collaborative joint optimization in various scenarios.
- DOI
- 10.1109/TVT.2022.3198266
- Appears in Collections:
- College of Artificial Intelligence > Department of Computer Engineering > Journal papers