Real-Time Anomaly Detection Framework for Many-Core Router through Machine-Learning Techniques

Abstract

In this article, we propose a real-time anomaly detection framework for an NoC-based many-core architecture. We assume that processing cores and memories are safe and anomaly is included through a communication medium (i.e., router). The article targets three different attacks, namely, traffic diversion, route looping, and core address spoofing attacks. The attacks are detected by using machine-learning techniques. Comprehensive analysis on machine-learning algorithms suggests that Support Vector Machine (SVM) and K-Nearest Neighbor (K-NN) have better attack detection efficiency. It has been observed that both algorithms have accuracy in the range of 94% to 97%. Additional hardware complexity analysis advocates SVM to be implemented on hardware. To test the framework, we implement a condition-based attack insertion module; attacks are performed intra- and intercluster. The proposed real-time anomaly detection framework is fully placed and routed on Xilinx Virtex-7 FPGA. Postplace and -route implementation results show that SVM has 12% to 2% area overhead and 3% to 1% power overhead for the quad-core and 16-core implementation, respectively. It is also observed that it takes 25% to 18% of the total execution time to detect an anomaly in transferred packets for quad-core and 16-core, respectively. The proposed framework achieves 65% reduction in area overhead and is 3 times faster compared to previous published work.

Document Details

Document Type

Pub Defense Publication

Publication Date

Jun 16, 2016

Source ID

10.1145/2827699

Entities

Tags