Moving Network Protection from Software to Hardware: An Energy Efficiency Analysis

  title={Moving Network Protection from Software to Hardware: An Energy Efficiency Analysis},
  author={Andre Luiz Pereira de Franca and Ricardo P. Jasinski and Volnei A. Pedroni and Altair Olivo Santin},
  journal={2014 IEEE Computer Society Annual Symposium on VLSI},
Software-based network security is constantly challenged by the increase in network speeds and number of attacks. At the same time, mobile network access underscores the need for energy efficiency. In this paper, we present a new way to improve the throughput and to reduce the energy consumption of an anomaly-based intrusion detection system for probing attacks. Our framework implements the same classifier algorithm in software (C++) and in hardware (synthesizable VHDL), and then compares the… 
The energy cost of network security: A hardware vs. software comparison
This paper evaluates three machine learning classifiers (Decision Tree, Naive Bayes, and k-Nearest Neighbors), implemented in hardware and software, for the detection of probing attacks, showing the tradeoffs between energy consumption, throughput, and accuracy.
Towards an Energy-Efficient Anomaly-Based Intrusion Detection Engine for Embedded Systems
It is demonstrated that a hardware (HW) implementation of network security algorithms can significantly reduce their energy consumption compared to an equivalent software (SW) version.
Network Intrusion Detection Using Neural Networks on FPGA SoCs
  • L. Ioannou, Suhaib A. Fahmy
  • Computer Science
    2019 29th International Conference on Field Programmable Logic and Applications (FPL)
  • 2019
This work presents an approach for network intrusion detection using neural networks, implemented on FPGA SoC devices that can achieve the required performance on embedded systems.
HA-IDS: A heterogeneous anomaly-based intrusion detection system
This work proves that this is promising to take advantages of these two platforms to apply to a particular issue and shows that the training outcome on GPU is faster than that on CPU by up to 12x.
Mimic Encryption System for Network Security
A mimic encryption system for network security that can effectively prevent the leakage of user data and resist network sniffing, vulnerability attacks, exhaustive key search attacks, and ciphertext-only attacks is proposed.
IMLADS: Intelligent Maintenance and Lightweight Anomaly Detection System for Internet of Things
This paper develops an Intelligent Maintenance and Lightweight Anomaly Detection System (IMLADS) for efficient security management of the IoT and designs agents to perform suitable response policies for system maintenance and abnormal behavior control based on the anomaly mining results.
A Survey on FPGA Support for the Feasible Execution of Virtualized Network Functions
This work surveys previous work covering the use of FPGAs in the NFV context, and discusses the main open research challenges that must be addressed before FPGA adoption in NFV infrastructures becomes effectively seamless and efficient.
Energy-Efficient Hardware Caching Decision Using Fuzzy Logic in Mobile Edge Computing
A novel solution based on a hardware implementation that uses Field-Programmable Gate Array (FPGA) as an alternative computational architecture that cuts overall energy requirements and the server load of the edge devices by using an FPGA implementation for fuzzy logic caching decision.
Decision Tree-Based Multiple Classifier Systems: An FPGA Perspective
To the best of the authors' knowledge, no paper in the literature takes into account the multiple classifier scheme as additional design parameter, mainly because of lack of efficient hardware combiner architecture.
Bridging the Band Gap: What Device Physicists Need to Know About Machine Learning
There is broadly lower performance of ML accelerators based on novel devices and materials when compared to those based on digital complimentary metal-oxide semiconductor (CMOS) technology, particularly in the MNIST optical character recognition task, a common ML benchmark.


A Survey on the Application of FPGAs for Network Infrastructure Security
A survey of the state-of-art in FPGA-based implementations that have been used in the network infrastructure security area, categorizing currently existing diverse implementations and hoping it will inspire more active research in this area.
Power Consumption Estimations vs Measurements for FPGA-Based Security Cores
Although Altera's PowerPlay power estimation tool gene/rated more accurate results than Xilinx's Xpower tool, none of them seems to be yet mature enough for the very demanding security era.
Investigating Energy and Security Trade-offs in the Classroom with the Atom LEAP Testbed
The Atom LEAP was used as the foundation for CS 188, an undergraduate research seminar investigating potential trade-offs between security and energy consumption in a hypothetical, battery-powered tablet device, and the potential savings from offloading security computation and enabling user-level applications to modulate their security behavior based on battery capacity and environmental security.
Intrusion detection by machine learning: A review
This chapter reviews 55 related studies in the period between 2000 and 2007 focusing on developing single, hybrid, and ensemble classifiers and discusses current achievements and limitations in developing intrusion detection systems by machine learning.
Data Mining Methods for Network Intrusion Detection
It is proposed that the solution to this problem is the application of an ensemble of data mining techniques which can be applied to network connection data in an offline environment, augmenting existing real-time sensors.
Guide to Computer Network Security
  • J. M. Kizza
  • Computer Science
    Computer Communications and Networks
  • 2015
This authoritative Guide to Computer Network Security explores computer network infrastructures and protocol design security flaws, and discusses current security solutions and best practices in both fixed and mobile computer networks.
The use of computational intelligence in intrusion detection systems: A review
An overview of the research progress in applying CI methods to the problem of intrusion detection is provided, including core methods of CI, including artificial neural networks, fuzzy systems, evolutionary computation, artificial immune systems, swarm intelligence, and soft computing.
Evaluation of data mining techniques for suspicious network activity classification using honeypots data
This work applies and evaluates some data mining techniques in a reduced number of attributes on some log data sets acquired from a real network and a honeypot, in order to classify traffic logs as normal or suspicious.
Energy Consumption of Personal Computing Including Portable Communication Devices
In light of the increased awareness of global energy consumption, questions are being asked about the energy contribution of computing equipment. Although studies have documented the share of energy
Visual networking index: Forecast and methodology
  • Cisco, Tech. Rep
  • 2013