Affiliation:
1. University of Maryland Baltimore County, Baltimore, MD
2. University of Southern California, Information Sciences Institute, Arlington, VA
Abstract
In this article, we propose a real-time anomaly detection framework for an NoC-based many-core architecture. We assume that processing cores and memories are safe and anomaly is included through a communication medium (i.e., router). The article targets three different attacks, namely, traffic diversion, route looping, and core address spoofing attacks. The attacks are detected by using machine-learning techniques. Comprehensive analysis on machine-learning algorithms suggests that Support Vector Machine (SVM) and K-Nearest Neighbor (K-NN) have better attack detection efficiency. It has been observed that both algorithms have accuracy in the range of 94% to 97%. Additional hardware complexity analysis advocates SVM to be implemented on hardware. To test the framework, we implement a condition-based attack insertion module; attacks are performed intra- and intercluster. The proposed real-time anomaly detection framework is fully placed and routed on Xilinx Virtex-7 FPGA. Postplace and -route implementation results show that SVM has 12% to 2% area overhead and 3% to 1% power overhead for the quad-core and 16-core implementation, respectively. It is also observed that it takes 25% to 18% of the total execution time to detect an anomaly in transferred packets for quad-core and 16-core, respectively. The proposed framework achieves 65% reduction in area overhead and is 3 times faster compared to previous published work.
Funder
Defense Advanced Research Projects Agency
Publisher
Association for Computing Machinery (ACM)
Subject
Electrical and Electronic Engineering,Hardware and Architecture,Software
Cited by
44 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献