Efficient Acceleration of Decision Tree Algorithms for Encrypted Network Traffic Analysis
Identifikátory výsledku
Kód výsledku v IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F21%3APU138895" target="_blank" >RIV/00216305:26230/21:PU138895 - isvavai.cz</a>
Výsledek na webu
<a href="https://www.fit.vut.cz/research/publication/12439/" target="_blank" >https://www.fit.vut.cz/research/publication/12439/</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1109/DDECS52668.2021.9417068" target="_blank" >10.1109/DDECS52668.2021.9417068</a>
Alternativní jazyky
Jazyk výsledku
angličtina
Název v původním jazyce
Efficient Acceleration of Decision Tree Algorithms for Encrypted Network Traffic Analysis
Popis výsledku v původním jazyce
Network traffic analysis and deep packet inspection are time-consuming tasks, which current processors can not handle at 100 Gbps speed. Therefore security systems need fast packet processing with hardware acceleration. With the growing of encrypted network traffic, it is necessary to extend Intrusion Detection Systems (IDSes) and other security tools by new detection methods. Security tools started to use classifiers trained by machine learning techniques based on decision trees. Random Forest, Compact Random Forest and AdaBoost provide excellent result in network traffic analysis. Unfortunately, hardware architectures for these machine learning techniques need high utilisation of on-chip memory and logic resources. Therefore we propose several optimisations of highly pipelined architecture for acceleration of machine learning techniques based on decision trees. The optimisations use the various encoding of a feature vector to reduce hardware resources. Due to the proposed optimisations, it was possible to reduce LUTs by 70.5 % for HTTP brute force attack detection and BRAMs by 50 % for application protocol identification. Both with only negligible impact on classifiers' accuracy. Moreover, proposed optimisations reduce wires and multiplexors in the processing pipeline, positively affecting the proposed architecture's maximal achievable frequency.
Název v anglickém jazyce
Efficient Acceleration of Decision Tree Algorithms for Encrypted Network Traffic Analysis
Popis výsledku anglicky
Network traffic analysis and deep packet inspection are time-consuming tasks, which current processors can not handle at 100 Gbps speed. Therefore security systems need fast packet processing with hardware acceleration. With the growing of encrypted network traffic, it is necessary to extend Intrusion Detection Systems (IDSes) and other security tools by new detection methods. Security tools started to use classifiers trained by machine learning techniques based on decision trees. Random Forest, Compact Random Forest and AdaBoost provide excellent result in network traffic analysis. Unfortunately, hardware architectures for these machine learning techniques need high utilisation of on-chip memory and logic resources. Therefore we propose several optimisations of highly pipelined architecture for acceleration of machine learning techniques based on decision trees. The optimisations use the various encoding of a feature vector to reduce hardware resources. Due to the proposed optimisations, it was possible to reduce LUTs by 70.5 % for HTTP brute force attack detection and BRAMs by 50 % for application protocol identification. Both with only negligible impact on classifiers' accuracy. Moreover, proposed optimisations reduce wires and multiplexors in the processing pipeline, positively affecting the proposed architecture's maximal achievable frequency.
Klasifikace
Druh
D - Stať ve sborníku
CEP obor
—
OECD FORD obor
10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)
Návaznosti výsledku
Projekt
<a href="/cs/project/VI20192022143" target="_blank" >VI20192022143: Flexibilní sonda pro realizaci zákonných odposlechů</a><br>
Návaznosti
P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)
Ostatní
Rok uplatnění
2021
Kód důvěrnosti údajů
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Údaje specifické pro druh výsledku
Název statě ve sborníku
Proceedings - 2021 24th International Symposium on Design and Diagnostics of Electronic Circuits and Systems, DDECS 2021
ISBN
978-1-6654-3595-6
ISSN
—
e-ISSN
—
Počet stran výsledku
4
Strana od-do
115-118
Název nakladatele
Institute of Electrical and Electronics Engineers
Místo vydání
Vídeň
Místo konání akce
Vídeň
Datum konání akce
7. 4. 2021
Typ akce podle státní příslušnosti
WRD - Celosvětová akce
Kód UT WoS článku
000672620200022