FPGA implementation of naive bayes classifier for network security

With the vast usage of the internet nowadays, the rate of cybercrime such as fraud, hacking, identity theft, network intrusion, software piracy and espionage is becoming more critical. Malware code writers have used this chance to create malware that is able to breach security and gain access to the informat...

Bibliographic Details
Main Author: Mohamad Zuki, Ahmad Zulzhafri
Format: Thesis
Language: English
Published: 2018
Subjects:
Online Access: http://eprints.utm.my/id/eprint/79213/1/AhmadZulzhafriMFKE2018.pdf
id my-utm-ep.79213
record_format uketd_dc
institution Universiti Teknologi Malaysia
collection UTM Institutional Repository
language English
topic TK Electrical engineering. Electronics Nuclear engineering
description With the vast usage of the internet nowadays, the rate of cybercrime such as fraud, hacking, identity theft, network intrusion, software piracy and espionage is becoming more critical. Malware code writers have used this chance to create malware that is able to breach security and gain access to information. Hence, malware detection systems are becoming more significant, as users need protection from malware threats. Most malware detection systems implement signature-based classification, where only known malware can be detected. Nowadays, new malware is able to change its signature sequence regularly in order to avoid detection. This polymorphic malware is the limitation of the signature-based detection approach. The aim of this project is to propose a signature-based detection approach that is able to detect polymorphic malware by using the Naïve Bayes algorithm. The classifier architecture is integrated onto an FPGA board in order to measure the performance of the system. The features from the network traffic subset to Snort signature detection of known malware and benign samples are extracted using an overlapping N-gram string format. The data set is then used for training and testing the classifier. The malware detection classifier uses the Naïve Bayes algorithm, which applies Bayes' theorem to the probabilities of the features in the data set to determine the type of each flow. The model is then implemented in an FPGA hardware architecture and coded in RTL. The target FPGA used in the Vivado software is the Xilinx Virtex-7 VC709, which is able to support the system requirements. The hardware performance of the model was analyzed and compared with the Naïve Bayes software classifier for the performance evaluation. The proposed hardware NB malware detection classifier achieved 96.3% accuracy and an improved FPR of 3.1%. The hardware NB malware detection classifier on the FPGA architecture was also able to achieve better resource utilization and an improved detection speed of 0.13 μs per flow.
format Thesis
qualification_level Master's degree
author Mohamad Zuki, Ahmad Zulzhafri
title FPGA implementation of naive bayes classifier for network security
granting_institution Universiti Teknologi Malaysia, Faculty of Electrical Engineering
granting_department Faculty of Electrical Engineering
publishDate 2018
url http://eprints.utm.my/id/eprint/79213/1/AhmadZulzhafriMFKE2018.pdf