b'Secure and resilient machineImplementing machine learning in special purpose hardware learning system for detectingachieves high detection speed and accuracy for cyberattacks and fifth-generation attacksenables real-time network security for equipment and switches.including zero-day attacks N etwork packet classification for fifth-generation (5G) attack detection and anomaly detection is difficult to achieve with high classification speed: conventional rule-based classification systems are not scalable to 5G for high accuracy. Machine learning classification can be highly accurate, but standard implementations are performance limited and can require hundreds of milliseconds to perform a single classification. This project pushed machine learning algorithms to a special purpose hardware implementation to achieve the high classification speed PROJECT NUMBER:(10,000 packets per second) at high accuracy (90%) for widely deployable 22A1059-018FP solutions that can detect anomalous behavior such as zero-day attacks as well as identify and classify packets from known strike vectors. TOTAL APPROVED AMOUNT: $725,000 over 2 years This project adopted two orthogonal approaches to identify malicious intent among network packet payloads: clustering and classification. The clustering approach is PRINCIPAL INVESTIGATOR:entirely unsupervised while the classification approach is supervised. When operating in Matthew Anderson tandem, the chance of a false positive significantly decreases while enabling real-time CO-INVESTIGATORS: 5G network security for a wide range of user equipment and switches. Kurt Derr, INLShad Staples, INLOutput from field-programmable gate array monitoring a mirrored line with both normal and anomalous network packet payloads. The three-dimensional location of each payload is determined by the clustering algorithm while the color of each payload is determined by the classification algorithm. Payloads that are both poorly clustered and red are anomalous network packet payloads requiring a real-time alert and sequestering. Both kernels on the field-programmable gate array operate concurrently and independently of each other in real-time.118'