Hardware Realization of Artificial Neural Network Based Intrusion Detection & Prevention System


In the 21st century with the exponential growth of the Internet, the vulnerability of the network which connects us is on the rise at a very fast pace. Today organizations are spending millions of dollars to protect their sensitive data from different vulnerabilities that they face every day. In this paper, a new methodology towards implementing an Intrusion Detection & Prevention System (IDPS) based on Artificial Neural Network (ANN) onto Field Programmable Gate Array (FPGA) is proposed. This system not only detects different network attacks but also prevents them from being propagated. The parallel structure of an ANN makes it potentially fast for the computation of certain tasks. FPGA platforms are the optimum and best choice for the modern digital systems nowadays. The same feature makes ANN well suited for implementation in FPGA technology. Hardware realization of ANN to a large extent depends on the efficient implementation of a single neuron. However FPGA realization of ANNs with a large number of neurons is still a challenging task. The proposed multilayer ANN based IDPS uses multiple neurons for higher performance and greater accuracy. Simulation of the design in MATLAB SIMULINK 2010b by using Knowledge Discovery and Data Mining (KDD) CUP dataset shows a very good performance. Subsequently MATLAB HDL coder was used to generate VHDL code for the proposed design that produced Intellectual Property (IP) cores for Xilinx Targeted Design Platforms. For evaluation purposes the proposed design was synthesized, implemented and tested onto Xilinx Virtex-7 2000T FPGA device.

Share and Cite:

Mukhopadhyay, I. and Chakraborty, M. (2014) Hardware Realization of Artificial Neural Network Based Intrusion Detection & Prevention System. Journal of Information Security, 5, 154-165. doi: 10.4236/jis.2014.54015.

Conflicts of Interest

The authors declare no conflicts of interest.


[1] Scarfone, K. and Mell, P. (2007) Guide to Intrusion and Prevention System (IDPS). Department of Commerce, National Institute of Standard and Technology, Technology Administration. http://csrc.nist.gov/publications/nistpubs/800-94/SP800-94.pdf
[2] Widrow, B., Rumelhart, D.E. and Lehr, M.A. (1994) Neural Networks: Applications in Industry, Business and Science. Communications of the ACM, 37, 93-105.
[3] Muthuramalingam, A., Himavathi, S. and Srinivasan, E. (2008) Neural Network Implementation Using FPGA: Issues and Application. The International Journal of Information Technology, 4, 86-92.
[4] Tommiska, M.T. (2003) Efficient Digital Implementation of the Sigmoid Function for Reprogrammable Logic. IEEE Proceedings of Computers and Digital Techniques, 150, 403-411.
[5] Mukhopadhyay, I., Chakraborty, M. and Chakarbarti, S. (2011) A Comparative Study of Related Technologies of Intrusion Detection & Prevention Systems. Journal of Information Security, 1, 28-38. http://dx.doi.org/10.4236/jis.2011.21003
[6] Savran, A. and ünsal, S. (1999) Hardware Implementation of a Feed forward Neural Network Using FPGAs’. Department of Electrical and Electronics Engineering, Ege University.
[7] Haykin, S. (1999) Neural Networks—A Comprehensive Foundations. Prentice-Hall International, New Jersey.
[8] Rai, C.S. and Singh, A.P. (2006) A Review of Implementation Techniques for Artificial Neural Networks. University School of Information Technology, GGS Indraprastha University, Delhi.
[9] (2014) SNORT User Manual. http://www.snort.org/
[10] Chang, R.-I, Lai, L.-B., Su, W.-D., Wang, J.-C. and Kouh, J.-S. (2007) Intrusion Detection by Back Propagation Neural Networks with Sample-Query and Attribute-Query. International Journal of Computational Intelligence Research, 3, 6-10.
[11] Dharmapurikar, S., Krishnamurthy, P., Sproull, T., Lockwood, J. and Speeds, L. (2004) Deep Packet Inspection Using Parallel Bloom Filters.
[12] Mukhopadhyay, I., Chakraborty, M., Chakrabarti, S. and Chatterjee, T. (2011) Back Propagation Neural Network Approach to Intrusion Detection System. The Proceeding of International Conference on Recent Trend in Information System (ReTIS-11), Kolkata, 21-23 December 2011, 303-308.
[13] KDD Cup (1999) Computer Network Intrusion Detection. http://www.sigkdd.org/kdd-cup-1999-computer-network-intrusion-detection
[14] Mukhopadhyay, I., Chakraborty, M. and Chatterjee, T. (2012) Artificial Neural Network Modeling of Intrusion Detection & Prevention System. IEM International Journal of Management & Technology, 2.
[15] Manners, D. (2011) Electronics Weekly. Xilinx Launches 20m ASIC Gate Stacked Silicon FPGA.
[16] Vahid, F. (2010) Digital Design with RTL Design, Verilog and VHDL. 2nd Edition, John Wiley and Sons, 247.

Copyright © 2023 by authors and Scientific Research Publishing Inc.

Creative Commons License

This work and the related PDF file are licensed under a Creative Commons Attribution 4.0 International License.