NLP Methods in Host-based Intrusion Detection Systems: A Systematic Review and Future Directions

Host based Intrusion Detection System (HIDS) is an effective last line of defense for defending against cyber security attacks after perimeter defenses (e.g., Network based Intrusion Detection System and Firewall) have failed or been bypassed. HIDS is widely adopted in the industry as HIDS is ranked among the top two most used security tools by Security Operation Centers (SOC) of organizations. Although effective and efficient HIDS is highly desirable for industrial organizations, the evolution of increasingly complex attack patterns causes several challenges resulting in performance degradation of HIDS (e.g., high false alert rate creating alert fatigue for SOC staff). Since Natural Language Processing (NLP) methods are better suited for identifying complex attack patterns, an increasing number of HIDS are leveraging the advances in NLP that have shown effective and efficient performance in precisely detecting low footprint, zero day attacks and predicting the next steps of attackers. This active research trend of using NLP in HIDS demands a synthesized and comprehensive body of knowledge of NLP based HIDS. Thus, we conducted a systematic review of the literature on the end to end pipeline of the use of NLP in HIDS development. For the end to end NLP based HIDS development pipeline, we identify, taxonomically categorize and systematically compare the state of the art of NLP methods usage in HIDS, attacks detected by these NLP methods, datasets and evaluation metrics which are used to evaluate the NLP based HIDS. We highlight the relevant prevalent practices, considerations, advantages and limitations to support the HIDS developers. We also outline the future research directions for the NLP based HIDS development

An FPGA-based divider circuit using simulated annealing algorithm

Division is considered as the slowest and most difficult operation among four basic operations in microprocessors. This paper proposes a unique division algorithm using a new approach of simulated annealing algorithm. A heuristic function is proposed to determine the global and local optimum value, whereas the conventional approaches use random values to reach the target value. In addition, a new temperature schedule is introduced for faster computation of global maxima/minima. The proposed simulated annealing performs better than the best known existing method of simulated annealing algorithm for smooth energy landscape due to the introduction of a new goal-based temperature. Thus, the proposed division algorithm computes the current partial remainder and quotient bits simultaneously per iteration which reduces the delay of the proposed divider circuit significantly. Moreover, the proposed divider circuit requires only two operations per iteration, whereas the exiting best one requires three operations per iteration. The proposed divider circuit is coded in VHDL and implemented in a Virtex-6 platform targeting XC6VLX75T Xilinx FPGA with a -3 speed grade by using ISE 13.1. The proposed divider circuit achieves an improvement of 36.17% and 44.67% respectively in terms of LUTs and delay factor for a 256 by 128 bit division over the best known contemporary FPGA-based divider circuit. It can be used into the designs of arithmetic logic unit, image processing and robotics system. The experimental result indicates that the divider takes fewer resources, and its performance is steady and reliable