Network Intrusion Detection Systems for High-Speed Environments
Network Intrusion Detection Systems (NIDS) are often adopted in computer networks. Their goal is to detect any malicious traffic, but as network protocols have advanced, this has become a complicated task: even with the advances in computational techniques, network speeds have improved quickly. In 1983 the 802.3 protocol was standardized with speeds up to 3Mbps. We now have protocols like IEEE P802.3bs, which defines the specification for 200 and 400Gb/s.
In this scenario, analyzing all traffic becomes harder. Thus, we have some options:
- To apply statistical methods to avoid the need to analyze all transmitted packets;
- To use a large amount of computational power to investigate every single packet;
- To ignore the deadlines and focus on accuracy.
In the literature, we can see all of these options being considered, but our research interest is to analyze all packets using lightweight Machine Learning (ML) methods in scenarios with network speeds up to 40Gbps, aiming for high-speed prediction while still taking accuracy into account.