Evolving Block-Based Neural Network and Field Programmable Gate Arrays for Host-Based Intrusion Detection System

In this paper, we design a prototype with hybrid software-enabled detection engine on the basis of an evolving block-based neural network (BBNN), and integrate it with a Field Programmable Gate Arrays (FPGA) board to enable a real-time host-based intrusion detection system (IDS). The established prototype can feed sequence of system calls obtained from a server directly into the BBNN based IDS. The structure and weights of BBNN are evolved by Genetic Algorithms. Experimental performance comparisons have been conducted against four major Support Vector Machines (SVMs) by carrying out leave-one-out cross validation. The results show that the improved BBNN outperforms other algorithms with respect to the classification and detection performances. The false alarm rate is successfully reduced as low as 2.22% while the detection rate 100% is still maintained. The running times of the proposed hardware based IDS versus other software based systems are also discussed.