Design and implementation of an anomaly-based network intrusion detection system utilizing the DNA model

DNA is the genetic material that encodes the unique characteristics of each individual, such as gender, eye color, and other human features. In this work, we introduce an anomaly-based intrusion detection system built on the notion of a DNA sequence, or gene, that is responsible for the normal network traffic patterns. The system then detects suspicious activities by searching the "normal behavior DNA sequence" through string matching. However, string matching is a computationally intensive task and can become a bottleneck without high-speed processing. Furthermore, conventional software-implemented string matching algorithms have not kept pace with ever-increasing network speeds. We therefore adopt a hardware-implemented monitoring phase so that DNA pattern matching is performed at wire speed. Finally, we provide the details of our FPGA implementation of the bioinformatics-based string matching technique.