Skip to content

csce585-mlsystems/innetwork-attack-detection

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
code
code
 
 
data
data
 
 
doc
doc
 
 
README.md
README.md
 
 
references.bib
references.bib
 
 

Repository files navigation

Project Title

Intelligent In-Network Attack Detection

Group Info

Project Summary/Abstract

This project focuses on deploying an intelligent in-network attack detection system powered by machine learning to enhance real-time cybersecurity defenses. The system will be evaluated for performance in terms of latency and throughput to ensure minimal impact on network efficiency. Deployment and validation will be conducted on a real-world testbed, such as the USC datacenter or the FABRIC national testbed, to demonstrate scalability and practical effectiveness.

Problem Description

  • Problem description: As network speeds continue to increase and cyberattacks grow in sophistication, traditional defense mechanisms struggle to keep pace. Conventional approaches often cannot efficiently inspect the massive volumes of traffic, much of which is encrypted, without introducing significant performance bottlenecks. To address these limitations, distributed architectures and hardware-accelerated solutions are emerging as promising alternatives for scalable and effective network defense.

  • Motivation

    • The rapid growth of network traffic and encrypted communication requires scalable, intelligent security mechanisms that can operate in real time.
    • Traditional centralized intrusion detection systems cannot handle the volume and speed of modern data flows without causing performance degradation.
    • Deploying machine learning–based, in-network detection systems on real testbeds (e.g., USC datacenter, FABRIC) provides a practical path to evaluate and advance next-generation cybersecurity solutions.

  • Challenges

    • Designing ML models that can accurately detect evolving attack patterns while maintaining low false positives in high-speed environments.
    • Ensuring system performance by minimizing added latency and maintaining high throughput during live deployment.
    • Integrating the system into real-world testbeds with heterogeneous infrastructure and validating scalability under realistic traffic conditions.

Contribution

[Novel contribution]

  • Deploy machine learning models within programmable in-network devices by overcoming hardware constraints and optimizing model placement.
  • Map machine learning algorithms to network device architectures and validate their performance on real-world testbeds such as the USC datacenter and FABRIC.

Note: This has no impact on your grade as long as you properly follow the procedure (e.g., problem identification, motivation, method, discussion, results, conclusion). Choosing [Novel contribution] will not give you any advantage over [Replication of existing work].

References

[1] K. Tasdemir, R. Khan, F. Siddiqui, S. Sezer, F. Kurugollu and A. Bolat, "An Investigation of Machine Learning Algorithms for High-bandwidth SQL Injection Detection Utilising BlueField-3 DPU Technology," 2023 IEEE 36th International System-on-Chip Conference (SOCC), Santa Clara, CA, USA.

[2] Kapoor, R., Anastasiu, D. C., & Choi, S. (2025). ML-NIC: accelerating machine learning inference using smart network interface cards. Frontiers in Computer Science, 6, 1493399.

[3] M. Wu, H. Matsutani and M. Kondo, "ONLAD-IDS: ONLAD-Based Intrusion Detection System Using SmartNIC," 2022 IEEE 24th Int Conf on High Performance Computing & Communications; 8th Int Conf on Data Science & Systems; 20th Int Conf on Smart City; 8th Int Conf on Dependability in Sensor, Cloud & Big Data Systems & Application (HPCC/DSS/SmartCity/DependSys), Hainan, China.

[4] B. M. Xavier, R. S. Guimarães, G. Comarela and M. Martinello, "Programmable Switches for in-Networking Classification," IEEE INFOCOM 2021 - IEEE Conference on Computer Communications, Vancouver, BC, Canada.

Reproducing Code for Milestone P1

  1. Change to code directory cd code
  2. Run the Jupyter notebook data_preprocess.ipynb

Dependencies

  • Python 3.12.12
  • Numpy
  • Pandas
  • Matplotlib
  • Seaborn
  • tqdm
  • IPython
  • gc
  • sklearn

Directory Structure

|- code
|   |- data_preprocess.ipynb
|- data
|   |- links to data.txt
|- doc
|   |- Milestone P0 — Project Proposal and Motivation.pdf
|   |- Milestone P1 — Initial Experiment and Evaluation Setup.pdf
|   |- Slides Milestone P0 — Project Proposal and Motivation.pdf
|   |- Slides Milestone P1 — Initial Experiment and Evaluation Setup.pdf
|- README.mp
|- references.bib

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages