LEoNIDS: A Low-Latency and Energy-Efficient Network-Level Intrusion Detection System

摘要

Over the past decade, design and implementation of low-power systems has received significant attention. While it started with data centers and battery-operated mobile devices, it has recently branched to core network devices such as routers. However, this emerging need for low-power system design has not been studied for security systems, which are becoming increasingly important today. Toward this direction, we aim to reduce the power consumption of network-level intrusion detection systems (NIDS), which are used to improve the secure operation of modern computer networks. Unfortunately, traditional approaches to low-power system design, such as frequency scaling, lead to a disproportionate increase in packet processing and queuing times. In this paper, we show that this increase has a negative impact on the detection latency and impedes a timely reaction. To address this issue, we present a low-latency and energy-efficient NIDS (LEoNIDS): an architecture that resolves the energy-latency tradeoff by providing both low power consumption and low detection latency at the same time. The key idea is to identify the packets that are more likely to carry an attack and give them higher priority so as to achieve low attack detection latency. Our results indicate that LEoNIDS consumes power comparable to a state-of-the-art low-power design, while, at the same time, achieving up to an order of magnitude faster attack detection.