Moving Network Protection from Software to Hardware: An Energy Efficiency Analysis

@article{Franca2014MovingNP,
  title={Moving Network Protection from Software to Hardware: An Energy Efficiency Analysis},
  author={Andre Luiz Pereira de Franca and Ricardo P. Jasinski and Volnei A. Pedroni and Altair Olivo Santin},
  journal={2014 IEEE Computer Society Annual Symposium on VLSI},
  year={2014},
  pages={456-461}
}
Software-based network security is constantly challenged by the increase in network speeds and number of attacks. At the same time, mobile network access underscores the need for energy efficiency. In this paper, we present a new way to improve the throughput and to reduce the energy consumption of an anomaly-based intrusion detection system for probing attacks. Our framework implements the same classifier algorithm in software (C++) and in hardware (synthesizable VHDL), and then compares the… Expand
The energy cost of network security: A hardware vs. software comparison
TLDR
This paper evaluates three machine learning classifiers (Decision Tree, Naive Bayes, and k-Nearest Neighbors), implemented in hardware and software, for the detection of probing attacks, showing the tradeoffs between energy consumption, throughput, and accuracy. Expand
Towards an Energy-Efficient Anomaly-Based Intrusion Detection Engine for Embedded Systems
TLDR
It is demonstrated that a hardware (HW) implementation of network security algorithms can significantly reduce their energy consumption compared to an equivalent software (SW) version. Expand
Network Intrusion Detection Using Neural Networks on FPGA SoCs
  • L. Ioannou, Suhaib A. Fahmy
  • Computer Science
  • 2019 29th International Conference on Field Programmable Logic and Applications (FPL)
  • 2019
TLDR
This work presents an approach for network intrusion detection using neural networks, implemented on FPGA SoC devices that can achieve the required performance on embedded systems. Expand
HA-IDS: A heterogeneous anomaly-based intrusion detection system
TLDR
This work proves that this is promising to take advantages of these two platforms to apply to a particular issue and shows that the training outcome on GPU is faster than that on CPU by up to 12x. Expand
Mimic Encryption System for Network Security
TLDR
A mimic encryption system for network security that can effectively prevent the leakage of user data and resist network sniffing, vulnerability attacks, exhaustive key search attacks, and ciphertext-only attacks is proposed. Expand
IMLADS: Intelligent Maintenance and Lightweight Anomaly Detection System for Internet of Things
TLDR
This paper develops an Intelligent Maintenance and Lightweight Anomaly Detection System (IMLADS) for efficient security management of the IoT and designs agents to perform suitable response policies for system maintenance and abnormal behavior control based on the anomaly mining results. Expand
A Survey on FPGA Support for the Feasible Execution of Virtualized Network Functions
TLDR
This work surveys previous work covering the use of FPGAs in the NFV context, and discusses the main open research challenges that must be addressed before FPGA adoption in NFV infrastructures becomes effectively seamless and efficient. Expand
Energy-Efficient Hardware Caching Decision Using Fuzzy Logic in Mobile Edge Computing
TLDR
A novel solution based on a hardware implementation that uses Field-Programmable Gate Array (FPGA) as an alternative computational architecture that cuts overall energy requirements and the server load of the edge devices by using an FPGA implementation for fuzzy logic caching decision. Expand
Decision Tree-Based Multiple Classifier Systems: An FPGA Perspective
TLDR
To the best of the authors' knowledge, no paper in the literature takes into account the multiple classifier scheme as additional design parameter, mainly because of lack of efficient hardware combiner architecture. Expand
Bridging the Band Gap: What Device Physicists Need to Know About Machine Learning
TLDR
There is broadly lower performance of ML accelerators based on novel devices and materials when compared to those based on digital complimentary metal-oxide semiconductor (CMOS) technology, particularly in the MNIST optical character recognition task, a common ML benchmark. Expand

References

SHOWING 1-10 OF 14 REFERENCES
A Survey on the Application of FPGAs for Network Infrastructure Security
TLDR
A survey of the state-of-art in FPGA-based implementations that have been used in the network infrastructure security area, categorizing currently existing diverse implementations and hoping it will inspire more active research in this area. Expand
Power Consumption Estimations vs Measurements for FPGA-Based Security Cores
TLDR
Although Altera's PowerPlay power estimation tool gene/rated more accurate results than Xilinx's Xpower tool, none of them seems to be yet mature enough for the very demanding security era. Expand
Investigating Energy and Security Trade-offs in the Classroom with the Atom LEAP Testbed
TLDR
The Atom LEAP was used as the foundation for CS 188, an undergraduate research seminar investigating potential trade-offs between security and energy consumption in a hypothetical, battery-powered tablet device, and the potential savings from offloading security computation and enabling user-level applications to modulate their security behavior based on battery capacity and environmental security. Expand
Intrusion detection by machine learning: A review
TLDR
This chapter reviews 55 related studies in the period between 2000 and 2007 focusing on developing single, hybrid, and ensemble classifiers and discusses current achievements and limitations in developing intrusion detection systems by machine learning. Expand
Data Mining Methods for Network Intrusion Detection
TLDR
It is proposed that the solution to this problem is the application of an ensemble of data mining techniques which can be applied to network connection data in an offline environment, augmenting existing real-time sensors. Expand
Guide to Computer Network Security
  • J. M. Kizza
  • Computer Science
  • Computer Communications and Networks
  • 2015
TLDR
This authoritative Guide to Computer Network Security explores computer network infrastructures and protocol design security flaws, and discusses current security solutions and best practices in both fixed and mobile computer networks. Expand
The use of computational intelligence in intrusion detection systems: A review
TLDR
An overview of the research progress in applying CI methods to the problem of intrusion detection is provided, including core methods of CI, including artificial neural networks, fuzzy systems, evolutionary computation, artificial immune systems, swarm intelligence, and soft computing. Expand
Evaluation of data mining techniques for suspicious network activity classification using honeypots data
TLDR
This work applies and evaluates some data mining techniques in a reduced number of attributes on some log data sets acquired from a real network and a honeypot, in order to classify traffic logs as normal or suspicious. Expand
Energy Consumption of Personal Computing Including Portable Communication Devices
In light of the increased awareness of global energy consumption, questions are being asked about the energy contribution of computing equipment. Although studies have documented the share of energyExpand
Visual networking index: Forecast and methodology
  • Cisco, Tech. Rep
  • 2013
...
1
2
...