Enabling Malware Detection with Machine Learning on Programmable Switch

Hsin Fu Chang*, Michael I.C. Wang*, Chi Hsiang Hung, Charles H.P. Wen*

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, peer-review

5 Scopus citations

Abstract

Malware detection is an important issue for network security, especially for Internet of Things (IoT) networks. Traditional network intrusion detection systems (NIDSs), running on external host servers, are not scalable for ever-increasing IoT traffic and waste time transmitting data back and forth. Here, we propose a novel architecture called the on-switch malware detector, which uses a programmable switch and machine learning to achieve better performance in detecting malicious flows in the network. The on-switch malware detector consists mainly of four components: (1) packet forwarder, (2) feature extractor, (3) flow director, and (4) neural-network detector. According to the experimental results, on-switch malware detection has a 99.57% shorter response time than a conventional signature-based NIDS; meanwhile, its processing capacity increases by 800 times. As a result, the on-switch malware detector efficiently overcomes the shortcomings of conventional NIDSs, making it a better fit for the IoT network.

Original language: English
Title of host publication: Proceedings of the IEEE/IFIP Network Operations and Management Symposium 2022
Subtitle of host publication: Network and Service Management in the Era of Cloudification, Softwarization and Artificial Intelligence, NOMS 2022
Editors: Pal Varga, Lisandro Zambenedetti Granville, Alex Galis, Istvan Godor, Noura Limam, Prosper Chemouil, Jerome Francois, Marc-Oliver Pahl
Publisher: Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic): 9781665406017
State: Published - 2022
Event: 2022 IEEE/IFIP Network Operations and Management Symposium, NOMS 2022 - Budapest, Hungary
Duration: 25 Apr 2022 - 29 Apr 2022

Publication series

Name: Proceedings of the IEEE/IFIP Network Operations and Management Symposium 2022: Network and Service Management in the Era of Cloudification, Softwarization and Artificial Intelligence, NOMS 2022

Conference

Conference: 2022 IEEE/IFIP Network Operations and Management Symposium, NOMS 2022
Country/Territory: Hungary
City: Budapest
Period: 25/04/22 - 29/04/22
