SynFull-RTL: evaluation methodology for RTL NoC designs

SynFull is a widely employed tool that generates realistic traffic patterns for the performance evaluation of a NoC. In this work, we identify the main limitations of SynFull: high variability and long simulation time and also that these limitations increase when SynFull is integrated with RTL designs. SynFull-RTL employs a statistical approach, simulating each application macro-phase only once and averaging according to its probability of occurrence and the measured traffic load. SynFull-RTL obtains higher accuracy than the original version and reduced variability, with observed 40× reduction in simulation time and resources. A use-case with ProSMART validates the results.This work has been supported by the Spanish Science and Technology Commission under contract PID2019-105660RB-C22 and the European HiPEAC Network of Excellence. Enrique Vallejo has been partially supported by the Ministry of Universities, Subprograma Estatal de Movilidad, grant number PRX21/00757. This work also received funding from the European Union Horizon 2020 research and innovation programme under grant agreements number 826647 (EPI) and 946002 (MEEP).Peer ReviewedPostprint (author's final draft

Incremental High Throughput Network Traffic Classifier

Today’s network traffic are dynamic and fast. Con-ventional network traffic classification based on flow feature and data mining are not able to process traffic efficiently. Hardware based network traffic classifier is needed to be adaptable to dynamic network state and to provide accurate and updated classification at high speed. In this paper, a hardware architecture of online incremental semi-supervised algorithm is proposed. The hardware architecture is designed such that it is suitable to be incorporated in NetFPGA reference switch design. The experimental results on real datasets show that with only 10% of labeled data, the proposed architecture can perform online classification of network traffic at 1Gbps bitrate with 91% average accuracy without loosing any flows

Metamorphic malware detection based on support vector machine classification of malware sub-signatures

Achieving accurate and efficient metamorphic malware detection remains a challenge. Metamorphic malware is able to mutate and alter its code structure in each infection that can circumvent signature matching detection. However, some vital functionalities and code segments remain unchanged between mutations. We exploit these unchanged features by the mean of classification using Support Vector Machine (SVM). N-gram features are extracted directly from malware binaries to avoid disassembly, which these features are then masked with the extracted known malware signature n-grams. These masked features reduce the number of selected n-gram features considerably. Our method is capable to accurately detect metamorphic malware with ~99 accuracy and low false positive rate. The proposed method is also superior to commercially available anti-viruses for detecting metamorphic malware

Metamorphic Malware Detection Based on Support Vector Machine Classification of Malware Sub-Signatures

Achieving accurate and efficient metamorphic malware detection remains a challenge. Metamorphic malware is able to mutate and alter its code structure in each infection, with some vital functionality and codesegment remain unchanged. We exploit these unchanged features for detecting metamorphic malware detection using Support Vector Machine(SVM) classifier. n-gram features are extracted directly from sample malware binaries to avoid disassembly, which are then masked with the extracted Snort signature n-grams. These masked features reduce considerably the number of selected n-gram features. Our method is capable to accurately detect metamorphic malware with ~99 % accuracy and low false positive rate. The proposed method is also superior than commercially available anti-viruses in detecting metamorphicmalware

Feature selection and machine learning classification for malware detection

Malware is a computer security problem that can morph to evade traditional detection methods based on known signature matching. Since new malware variants contain patterns that are similar to those in observed malware, machine learning techniques can be used to identify new malware. This work presents a comparative study of several feature selection methods with four different machine learning classifiers in the context of static malware detection based on n-grams analysis. The result shows that the use of Principal Component Analysis (PCA) feature selection and Support Vector Machines (SVM) classification gives the best classification accuracy using a minimum number of feature

A hardware architecture of stateless open digest spam fingerprinting unit

Spam has become one of the main problems for email users and servers. Approximately around 75 % of all sent emails is spam. Currently spam detection is being done at email servers on application layer which need to store all TCP packets of an email and then use spam detection methods after reassembling. The spam detection technique on the application layer is slow and cannot cope with the current speed of the internet. If email classes could be estimated before being accepted by receiving MTAs for queuing, better spam handling strategies could be utilized. The aim of this project is divided in two parts. First to develop an inline Internet Protocol wrapper that is capable for processing packets for stateless content classification. The second aim is to the development of a hardware spam detection unit based on Nilsimsa fingerprinting algorithm. The IP wrapper is implemented successfully on hardware. This unit increases the Ethernet speed from 25 Mbit/s to 85 Mbit/s and provides a simple interface to transfer and receive packets from Ethernet port. IP Wrapper also provides extra time to process received packets for the microcontroller. In this project we present hardware architecture of a modified form of Nilsimsa algorithm to be implemented on hardware for higher fingerprinting throughput while having the same accuracy as the original algorithm. The improvement is noticeable in the term of processing speed and hardware allocated resources, and the accuracy tested on false positive spam detection. The implemented algorithm works with the operation frequency up to 123 MHz and has the throughput of 1 byte per 2 clock cycles (4 bit per clock cycle). Our system also needs extra 512 clock cycles after receiving whole of the message to complete the computation of Nilsimsa fingerprint

Automated dataset generation for training peer-to-peer machine learning classifiers

Peer-to-peer (P2P) classifications based on flow statistics have been proven accurate in detecting P2P traffic. A machine learning classification is affected by the quality and recency of the training dataset used. Hence, to classify P2P traffic on-line requires the removal of these limitations. In this paper, an automated training dataset generation for an on-line P2P traffic classification is proposed to allow frequent classifier retraining. A two-stage training dataset generator (TSTDG) is proposed by combining a 3-class heuristic and a 3-class statistical classification to automatically generate a training dataset. In the heuristic stage, traffic is classified as P2P, non-P2P, or unknown. In the statistical stage, a dual Decision Tree is built based on a dataset generated in the heuristic stage to reduce the amount of classified unknown traffic. The final training dataset is generated based on all flows that are classified in these two stages. The proposed system has been evaluated on traces captured from a campus network. The overall results show that the TSTDG can generate an accurate training dataset by classifying around 94 % of total flows with high accuracy (98.59 %) and a low false positive rate (1.27 %)

Low Latency Network-on-Chip Router Microarchitecture Using Request Masking Technique

Network-on-Chip (NoC) is fast emerging as an on-chip communication alternative for many-core System-on-Chips (SoCs). However, designing a high performance low latency NoC with low area overhead has remained a challenge. In this paper, we present a two-clock-cycle latency NoC microarchitecture. An efficient request masking technique is proposed to combine virtual channel (VC) allocation with switch allocation nonspeculatively. Our proposed NoC architecture is optimized in terms of area overhead, operating frequency, and quality-of-service (QoS). We evaluate our NoC against CONNECT, an open source low latency NoC design targeted for field-programmable gate array (FPGA). The experimental results on several FPGA devices show that our NoC router outperforms CONNECT with 50% reduction of logic cells (LCs) utilization, while it works with 100% and 35%~20% higher operating frequency compared to the one- and two-clock-cycle latency CONNECT NoC routers, respectively. Moreover, the proposed NoC router achieves 2.3 times better performance compared to CONNECT

Low latency Network-on-Chip router microarchitecture using request masking technique

Network-on-Chip (NoC) is fast emerging as an on-chip communication alternative for many-core System-on-Chips (SoCs). However, designing a high performance low latency NoC with low area overhead has remained a challenge. In this paper, we present a two-clock-cycle latency NoC microarchitecture. An efficient request masking technique is proposed to combine virtual channel (VC) allocation with switch allocation nonspeculatively. Our proposed NoC architecture is optimized in terms of area overhead, operating frequency, and quality-of-service (QoS). We evaluate our NoC against CONNECT, an open source low latency NoC design targeted for field-programmable gate array (FPGA). The experimental results on several FPGA devices show that our NoC router outperforms CONNECT with 50% reduction of logic cells (LCs) utilization, while it works with 100% and 35%~20% higher operating frequency compared to the one- and two-clock-cycle latency CONNECT NoC routers, respectively. Moreover, the proposed NoC router achieves 2.3 times better performance compared to CONNECT

MIMO-OFDM LTE system based on a parallel IFFT/FFT on NoC-based FPGA

The growing demand for wireless devices capable of performing complex communication processes has imposed an urgent need for high-speed communication systems and advanced network processors. This paper proposes a hardware workflow developed for the Long-Term Evolution (LTE) communication system. It studies the multiple-input, multiple-output orthogonal frequency-division multiplexing (MIMO-OFDM) LTE system. Specifically, this work focuses on the implementation of the OFDM block that dominates the execution time in high-speed communication systems. To achieve this goal, we have proposed an NoC-based low-latency OFDM LTE multicore system that leverages Inverse Fast Fourier Transform (IFFT) parallel computation on a variable number of processing cores. The proposed multicore system is implemented on an FPGA platform using the ProNoC tool, an automated rapid prototyping platform. Our obtained results show that LTE OFDM execution time is drastically reduced by increasing the number of processing cores. Nevertheless, the NoC’s parameters, such as routing algorithm and topology, have a negligible influence on the overall execution time. The implementation results show up to 24% and 76% execution time reduction for a system having 2 and 16 processing cores compared to conventional LTE OFDM implemented in a single-core, respectively. We have found that a 4×4 Mesh NoC with XY deterministic routing connected to 16 processing tiles computing IFFT task is the most efficient configuration for computing LTE OFDM. This configuration is 4.12 times faster than a conventional system running on a single-core processor.Peer ReviewedPostprint (author's final draft