Acceleration of Feature Extraction for Real-Time Analysis of Encrypted Network Traffic

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F19%3APU132971" target="_blank" >RIV/00216305:26230/19:PU132971 - isvavai.cz</a>

Výsledek na webu

<a href="http://dx.doi.org/10.1109/DDECS.2019.8724658" target="_blank" >http://dx.doi.org/10.1109/DDECS.2019.8724658</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1109/DDECS.2019.8724658" target="_blank" >10.1109/DDECS.2019.8724658</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Acceleration of Feature Extraction for Real-Time Analysis of Encrypted Network Traffic

Popis výsledku v původním jazyce

With the growing amount of encrypted network traffic, it is important to have tools for the analysis and classification of encrypted network data. Encrypted network traffic is usually analysed by statistical methods because Deep Packet Inspection or pattern matching is not applicable. However, the statistical methods are usually designed to work offline on already captured network traffic. For real-time analysis, hardware acceleration is needed to achieve wire-speed 10 Gbps throughput. Therefore, we focus on real-time monitoring of encrypted network traffic and propose a new acceleration method to extract features from encrypted network data. Approximate computing is used to speed up the computation of entropy for the input data stream and to reduce FPGA logic utilization. As can be seen in the results, the precision of classification has decreased only by 0.1 to 0.2. Moreover, proposed hardware architecture has very low FPGA logic utilization and can operate on high frequency.

Název v anglickém jazyce

Acceleration of Feature Extraction for Real-Time Analysis of Encrypted Network Traffic

Popis výsledku anglicky

With the growing amount of encrypted network traffic, it is important to have tools for the analysis and classification of encrypted network data. Encrypted network traffic is usually analysed by statistical methods because Deep Packet Inspection or pattern matching is not applicable. However, the statistical methods are usually designed to work offline on already captured network traffic. For real-time analysis, hardware acceleration is needed to achieve wire-speed 10 Gbps throughput. Therefore, we focus on real-time monitoring of encrypted network traffic and propose a new acceleration method to extract features from encrypted network data. Approximate computing is used to speed up the computation of entropy for the input data stream and to reduce FPGA logic utilization. As can be seen in the results, the precision of classification has decreased only by 0.1 to 0.2. Moreover, proposed hardware architecture has very low FPGA logic utilization and can operate on high frequency.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

<a href="/cs/project/VI20152019001" target="_blank" >VI20152019001: Sondy pro analýzu a filtraci provozu na úrovni aplikačních protokolů</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2019

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Proceedings - 2019 22nd International Symposium on Design and Diagnostics of Electronic Circuits and Systems, DDECS 2019

ISBN

978-1-7281-0073-9

ISSN

—

e-ISSN

—

Počet stran výsledku

6

Strana od-do

1-6

Název nakladatele

Institute of Electrical and Electronics Engineers

Místo vydání

Cluj-Napoca

Místo konání akce

Cluj-Napoca

Datum konání akce

24. 4. 2019

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

000492839800022