research-article

Real-Time Anomaly Detection Framework for Many-Core Router through Machine-Learning Techniques

Authors:
Amey Kulkarni

University of Maryland Baltimore County, Baltimore, MD

University of Maryland Baltimore County, Baltimore, MD
View Profile

,
Youngok Pino

University of Southern California, Information Sciences Institute, Arlington, VA

University of Southern California, Information Sciences Institute, Arlington, VA
View Profile

,
Matthew French

University of Southern California, Information Sciences Institute, Arlington, VA

University of Southern California, Information Sciences Institute, Arlington, VA
View Profile

,
Tinoosh Mohsenin

University of Maryland Baltimore County, Baltimore, MD

University of Maryland Baltimore County, Baltimore, MD
View Profile

ACM Journal on Emerging Technologies in Computing Systems Volume 13 Issue 1Article No.: 10pp 1–22https://doi.org/10.1145/2827699

Published:16 June 2016Publication History

ACM Journal on Emerging Technologies in Computing Systems

Abstract

In this article, we propose a real-time anomaly detection framework for an NoC-based many-core architecture. We assume that processing cores and memories are safe and anomaly is included through a communication medium (i.e., router). The article targets three different attacks, namely, traffic diversion, route looping, and core address spoofing attacks. The attacks are detected by using machine-learning techniques. Comprehensive analysis on machine-learning algorithms suggests that Support Vector Machine (SVM) and K-Nearest Neighbor (K-NN) have better attack detection efficiency. It has been observed that both algorithms have accuracy in the range of 94% to 97%. Additional hardware complexity analysis advocates SVM to be implemented on hardware. To test the framework, we implement a condition-based attack insertion module; attacks are performed intra- and intercluster. The proposed real-time anomaly detection framework is fully placed and routed on Xilinx Virtex-7 FPGA. Postplace and -route implementation results show that SVM has 12% to 2% area overhead and 3% to 1% power overhead for the quad-core and 16-core implementation, respectively. It is also observed that it takes 25% to 18% of the total execution time to detect an anomaly in transferred packets for quad-core and 16-core, respectively. The proposed framework achieves 65% reduction in area overhead and is 3 times faster compared to previous published work.

References

M. Abramovici and P. Bradley. 2009. Integrated circuit security: New threats and solutions. In Proceedings of the 2009 5th Annual Workshop on Cyber Security and Information Intelligence Research. DOI:http://dx.doi.org/10.1145/1558607.1558671 Google ScholarDigital Library
A. Adamov, A. Saprykin, D. Melnik, and O. Lukashenko. 2009. The problem of hardware Trojans detection in system-on-chip. In Proceedings of the 10th International Conference - The Experience of Designing and Application of CAD Systems in Microelectronics, 2009 (CADSM’09). 178--179.Google Scholar
D. Agrawal, S. Baktir, D. Karakoyunlu, P. Rohatgi, and B. Sunar. 2007. Trojan detection using IC fingerprinting. In Proceedings of the 2007 IEEE Symposium on Security and Privacy (SP’07). Berkeley, CA, 296--310. DOI:10.1109/SP.2007.36 Google ScholarDigital Library
A. Almalawi, Z. Tari, A. Fahad, and I. Khalil. 2013. A framework for improving the accuracy of unsupervised intrusion detection for SCADA systems. In Proceedings of the 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom’13). 292--301. DOI:http://dx.doi.org/10.1109/TrustCom.2013.40 Google ScholarDigital Library
D. Anguita, A. Ghio, S. Pischiutta, and S. Ridella. 2007. A hardware-friendly support vector machine for embedded automotive applications. In Proceedings of the International Joint Conference on Neural Networks, 2007 (IJCNN’07). 1360--1364. DOI:http://dx.doi.org/10.1109/IJCNN.2007.4371156Google ScholarCross Ref
G. Becker, F. Regazzoni, C. Paar, and W. Burleson. 2013. Stealthy dopant-level hardware Trojans. In Proceedings of the 2013 15th International Workshop on Cryptographic Hardware and Embedded Systems (CHES’13). 197--214. DOI:http://dx.doi.org/10.1007/978-3-642-40349-1_12 Google ScholarDigital Library
S. Bhunia, M. Abramovici, D. Agrawal, P. Bradley, M. S. Hsiao, J. Plusquellic, and M. Tehranipoor. 2013. Protection against hardware Trojan attacks: Towards a comprehensive solution. IEEE Design Test 30, 3 (June 2013), 6--17. DOI:http://dx.doi.org/10.1109/MDT.2012.2196252Google ScholarCross Ref
J. Bisasky, H. Homayoun, F. Yazdani, and T. Mohsenin. 2013. A 64-core platform for biomedical signal processing. In Proceedings of the 2013 14th International Symposium on Quality Electronic Design (ISQED’13). 368--372. DOI:http://dx.doi.org/10.1109/ISQED.2013.6523637Google Scholar
D. Cao, J. Han, X. Zeng, and S. Lu. 2008. A core-based multi-function security processor with GALS wrapper. In Proceedings of the 9th International Conference on Solid-State and Integrated-Circuit Technology, 2008 (ICSICT’08). 1839--1842. DOI:http://dx.doi.org/10.1109/ICSICT.2008.4734938Google Scholar
R. Chakraborty, F. Wolff, S. Paul, C. Papachristou, and S. Bhunia. 2009. MERO: A statistical approach for hardware Trojan detection. In Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems (CHES’09). Springer-Verlag, Berlin, 396--410. DOI:http://dx.doi.org/10.1007/978-3-642-04138-9_28 Google ScholarDigital Library
P. Cotret, J. Crenne, G. Gogniat, and J.-P. Diguet. 2012a. Bus-based MPSoC security through communication protection: A latency-efficient alternative. In Proceedings of the 2012 IEEE 20th Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM’12). 200--207. DOI:http://dx.doi.org/10.1109/FCCM.2012.42 Google ScholarDigital Library
P. Cotret, F. Devic, G. Gogniat, B. Badrignans, and L. Torres. 2012b. Security enhancements for FPGA-based MPSoCs: A boot-to-runtime protection flow for an embedded linux-based system. In Proceedings of the 2012 7th International Workshop on Reconfigurable Communication-Centric Systems-on-Chip (ReCoSoC’12). 1--8. DOI:http://dx.doi.org/10.1109/ReCoSoC.2012.6322896Google Scholar
J.-P. Diguet, S. Evain, R. Vaslin, G. Gogniat, and E. Juin. 2007. NOC-centric security of reconfigurable SoC. In Proceedings of the 1st International Symposium on Networks-on-Chip, 2007 (NOCS’07). 223--232. DOI:http://dx.doi.org/10.1109/NOCS.2007.32 Google ScholarDigital Library
L. Fiorin, S. Lukovic, and G. Palermo. 2008. Implementation of a reconfigurable data protection module for NoC-based MPSoCs. In Proceedings of the IEEE International Symposium on Parallel and Distributed Processing, 2008 (IPDPS’08). 1--8. DOI:http://dx.doi.org/10.1109/IPDPS.2008.4536514Google ScholarCross Ref
L. Fiorin, G. Palermo, and C. Silvano. 2009. MPSoCs run-time monitoring through networks-on-chip. In Proceedings of the Design, Automation Test in Europe Conference Exhibition, 2009 (DATE’09). 558--561. DOI:http://dx.doi.org/10.1109/DATE.2009.5090726 Google ScholarDigital Library
D. Forte, Chongxi Bao, and A. Srivastava. 2013. Temperature tracking: An innovative run-time approach for hardware Trojan detection. In Proceedings of the 2013 IEEE/ACM International Conference on Computer-Aided Design (ICCAD’13). 532--539. DOI:http://dx.doi.org/10.1109/ICCAD.2013.6691167 Google ScholarDigital Library
F. Gebali, H. Elmiligi, and M. El-Kharashi. 2009. Networks-on-Chips: Theory and Practice (1st ed.). CRC Press, Boca Raton, FL. Google ScholarDigital Library
M. Hicks, M. Finnicum, S. T. King, M. M. K. Martin, and J. M. Smith. 2010. Overcoming an untrusted computing base: Detecting and removing malicious hardware automatically. In Proceedings of the 2010 IEEE Symposium on Security and Privacy. Oakland, CA, USA, 159--172. DOI:10.1109/SP.2010.18 Google ScholarDigital Library
K. Hu, A. N. Nowroz, S. Reda, and F. Koushanfar. 2013. High-sensitivity hardware Trojan detection using multimodal characterization. In Proceedings of the Design, Automation Test in Europe Conference Exhibition (DATE’13). 1271--1276. Google ScholarDigital Library
R. Karri, J. Rajendran, K. Rosenfeld, and M. Tehranipoor. 2010. Trustworthy hardware: Identifying and classifying hardware Trojans. Computer 43, 10 (Oct. 2010), 39--46. DOI:http://dx.doi.org/10.1109/MC.2010.299 Google ScholarDigital Library
H. Khattri, N. K. V. Mangipudi, and S. Mandujano. 2012. HSDL: A security development lifecycle for hardware technologies. In Proceedings of the 2012 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST’12). 116--121. DOI:http://dx.doi.org/10.1109/HST.2012.6224330Google ScholarCross Ref
M. Khavari, A. Kulkarni, A. Rahimi, T. Mohsenin, and H. Homayoun. 2014. Energy-efficient mapping of biomedical applications on domain-specific accelerator under process variation. In Proceedings of the 2014 International Symposium on Low Power Electronics and Design (ISLPED’14). ACM, New York, NY, 275--278. DOI:http://dx.doi.org/10.1145/2627369.2627654 Google ScholarDigital Library
S. Kim, S. Lee, and K. Cho. 2012. Design of high-speed support vector machine circuit for driver assistance system. In Proceedings of the 2012 International SoC Design Conference (ISOCC’12). 45--48. DOI:http://dx.doi.org/10.1109/ISOCC.2012.6406921Google Scholar
A. Kulkarni, H. Homayoun, and T. Mohsenin. 2014. A parallel and reconfigurable architecture for efficient OMP compressive sensing reconstruction. In Proceedings of the 24th Edition of the Great Lakes Symposium on VLSI (GLSVLSI’14). ACM, New York, NY, 299--304. DOI:http://dx.doi.org/10.1145/2591513.2591598 Google ScholarDigital Library
A. Kulkarni and T. Mohsenin. 2014. Parallel heterogeneous architectures for efficient OMP compressive sensing reconstruction. In Proceedings of the International SPIE Conference on Defense, Security, and Sensing.Google Scholar
A. Kulkarni and T. Mohsenin. 2015. Accelerating compressive sensing reconstruction OMP algorithm with CPU, GPU, FPGA and domain specific many-core. In Proceedings of the 2015 IEEE International Symposium on Circuits and Systems (ISCAS’15). 970--973. DOI:http://dx.doi.org/10.1109/ISCAS.2015.7168797Google ScholarCross Ref
K. H. Lee, Z. Wang, and N. Verma. 2013. Hardware specialization of machine-learning kernels: Possibilities for applications and possibilities for the platform design space (Invited). In Proceedings of the 2013 IEEE Workshop on Signal Processing Systems (SiPS’13). 330--335. DOI:http://dx.doi.org/10.1109/SiPS.2013.6674528Google Scholar
A. Sadeghi and M. Mirza-Aghatabar. 2014. An asynchronous, low power and secure framework for network-on-chips. In IJCSNS International Journal of Computer Science and Network Security 8, 7 (2014), 214--223.Google Scholar
S. Narasimhan, W. Yueh, X. Wang, S. Mukhopadhyay, and S. Bhunia. 2012. Improving IC security against Trojan attacks through integration of security monitors. IEEE Design & Test of Computers 29, 5 (Oct. 2012), 37--46. DOI:10.1109/MDT.2012.2210183Google Scholar
A. Page, C. Sagedy, E. Smith, N. Attaran, T. Oates, and T. Mohsenin. 2015. A flexible multichannel EEG feature extractor and classifier for seizure detection. IEEE Transactions on Circuits and Systems II: Express Briefs 62, 2 (Feb. 2015), 109--113. DOI:http://dx.doi.org/10.1109/TCSII.2014.2385211Google ScholarCross Ref
N. Potlapally. 2011. Hardware security in practice: Challenges and opportunities. In Proceedings of the 2011 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST’11). 93--98. DOI:http://dx.doi.org/10.1109/HST.2011.5955003Google ScholarCross Ref
J. Rajendran, E. Gavas, J. Jimenez, V. Padman, and R. Karri. 2010. Towards a comprehensive and systematic classification of hardware Trojans. In Proceedings of 2010 IEEE International Symposium on Circuits and Systems (ISCAS’10). 1871--1874. DOI:http://dx.doi.org/10.1109/ISCAS.2010.5537869Google Scholar
M. Rostami, F. Koushanfar, and R. Karri. 2014. A primer on hardware security: Models, methods, and metrics. Proceedings of the IEEE 102, 8 (Aug. 2014), 1283--1295. DOI:http://dx.doi.org/10.1109/JPROC.2014.2335155Google ScholarCross Ref
M. Rostami, F. Koushanfar, J. Rajendran, and R. Karri. 2013. Hardware security: Threat models and metrics. In Proceedings of the International Conference on Computer-Aided Design (ICCAD’13). IEEE Press, Piscataway, NJ, 819--823. Google ScholarDigital Library
H. Salmani, M. Tehranipoor, and J. Plusquellic. 2012. A novel technique for improving hardware Trojan detection and reducing Trojan activation time. IEEE Transactions on Very Large Scale Integration (VLSI) Systems 20, 1 (Jan 2012), 112--125. DOI:http://dx.doi.org/10.1109/TVLSI.2010.2093547 Google ScholarDigital Library
S. M. H. Shekarian, M. S. Zamani, and S. Alami. 2013. Neutralizing a design-for-hardware-trust technique. In Proceedings of the 2013 17th CSI International Symposium on Computer Architecture and Digital Systems (CADS’13). 73--78. DOI:http://dx.doi.org/10.1109/CADS.2013.6714240Google ScholarCross Ref
M. Tehranipoor and F. Koushanfar. 2010. A survey of hardware trojan taxonomy and detection. IEEE Design and Test of Computers 27, 1 (2010), 10--25. DOI:http://dx.doi.org/10.1109/MDT.2010.7 Google ScholarDigital Library
S. Viseh, M. Ghovanloo, and T. Mohsenin. 2015. Toward an ultralow-power onboard processor for tongue drive system. IEEE Transactions on Circuits and Systems II: Express Briefs 62, 2 (Feb. 2015), 174--178. DOI:http://dx.doi.org/10.1109/TCSII.2014.2387683Google ScholarCross Ref
A. Waksman and S. Sethumadhavan. 2011. Stealthy dopant-level hardware Trojans. In Proceedings of the 2011 IEEE Symposium on Security and Privacy. 49--63. DOI:http://dx.doi.org/10.1109/SP.2011.27 Google ScholarDigital Library
J. Yier and Y. Makris. 2008a. Hardware Trojan detection using path delay fingerprint. In Proceedings of the IEEE International Workshop on Hardware-Oriented Security and Trust, 2008 (HOST’08). 51--57. DOI:http://dx.doi.org/10.1109/HST.2008.4559049 Google ScholarDigital Library
J. Yier and Y. Makris. 2008b. Hardware Trojan detection using path delay fingerprint. In Proceedings of the 2008 IEEE International Workshop on Hardware-Oriented Security and Trust (HOST’08). 51--57. DOI:http://dx.doi.org/10.1109/HST.2008.4559049 Google ScholarDigital Library
J. Zhang, H. Yu, and Q. Xu. 2012. HTOutlier: Hardware Trojan detection with side-channel signature outlier identification. In Proceedings of the 2012 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST’12). 55--58. DOI:http://dx.doi.org/10.1109/HST.2012.6224319Google ScholarCross Ref
J. Zhang, Feng Yuan, and Qiang Xu. 2014. DeTrust: Defeating hardware trust verification with stealthy implicitly-triggered hardware Trojans. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (CCS’14). ACM, New York, NY, 153--166. DOI:http://dx.doi.org/10.1145/2660267.2660289 Google ScholarDigital Library

Index Terms

Real-Time Anomaly Detection Framework for Many-Core Router through Machine-Learning Techniques
1. Hardware
  1. Communication hardware, interfaces and storage
2. Networks

Recommendations

From GPGPU to Many-Core: Nvidia Fermi and Intel Many Integrated Core Architecture

Comparing the architectures and performance levels of an Nvidia Fermi accelerator with an Intel MIC Architecture coprocessor demonstrates the benefit of the coprocessor for bringing highly parallel applications into, or even beyond, GPGPU performance ...
Read More
Parallel programming model for the Epiphany many-core coprocessor using threaded MPI

We investigate the use of MPI for programming the Epiphany RISC array processor.A threaded MPI implementation adapted for coprocessor offload is presented.Existing MPI code for four scientific applications was re-used with minimal changes.Demonstrated ...
Read More
A Many-Core Co-Processor for Embedded Parallel Computing on FPGA
DSD '15: Proceedings of the 2015 Euromicro Conference on Digital System Design

Single processor architectures are unable to provide the required performance of high performance embedded systems. Parallel processing based on general-purpose processors can achieve these performances with a considerable increase of required ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in
ACM Journal on Emerging Technologies in Computing Systems Volume 13, Issue 1
Special Issue on Secure and Trustworthy Computing
January 2017
208 pages
ISSN:1550-4832
EISSN:1550-4840
DOI:10.1145/2917757
Editor:
Yuan Xie
University of California, Santa Barbara, USA
Issue’s Table of Contents
Copyright © 2016 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States

Journal Family
ACM Journals for the Design of Smart and Connected Systems
Publication History
- Published: 16 June 2016
- Accepted: 1 September 2015
- Revised: 1 July 2015
- Received: 1 December 2014
Published in jetc Volume 13, Issue 1

Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
Hardware security
NoC
anomaly detection
machine learning
many-core
Qualifiers
- research-article
- Research
- Refereed
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 40
  Total Citations
  View Citations
- 801
  Total Downloads
- Downloads (Last 12 months)62
- Downloads (Last 6 weeks)5
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Real-Time Anomaly Detection Framework for Many-Core Router through Machine-Learning Techniques

ACM Journal on Emerging Technologies in Computing Systems

Abstract

References

Cited By

Index Terms

Recommendations

From GPGPU to Many-Core: Nvidia Fermi and Intel Many Integrated Core Architecture

Parallel programming model for the Epiphany many-core coprocessor using threaded MPI

A Many-Core Co-Processor for Embedded Parallel Computing on FPGA

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Journal Family

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Funding Sources

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF Format

eReader

Digital Edition

Caption

Real-Time Anomaly Detection Framework for Many-Core Router through Machine-Learning Techniques

ACM Journal on Emerging Technologies in Computing Systems

Abstract

References

Cited By

Index Terms

Recommendations

From GPGPU to Many-Core: Nvidia Fermi and Intel Many Integrated Core Architecture

Parallel programming model for the Epiphany many-core coprocessor using threaded MPI

A Many-Core Co-Processor for Embedded Parallel Computing on FPGA

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Journal Family

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Funding Sources

Article Metrics

Other Metrics

PDF Format

eReader

Digital Edition

Share this Publication link

Share on Social Media