Due to the proliferation of wideband and Internet technologies in the last decade, the risk of security threats hidden in single packets arose. This had taken ISP networks to the adoption of Intrusion Detection Systems, enhancing the basic routing with packets inspection, in order to provide a secure connection service. Currently, packet analysis is provided by almost each ISP but it has a high impact in term of performance and energy consumption; this makes the choice of the optimal IDS strategy both a key and non-trivial issue. To this aim, IDS strategies have been deeply investigated in term of performance, while the assessment of the energy consumption is quite unexplored. In this paper, we propose the first attempt towards the assessment of the energy impact of security solutions. In particular, we provide a general model for evaluating the energy cost of distributed packet inspection in IDS and we show how it can be applied to two sample IDS strategies, in order to evaluate the energy leakage due to a late discovery of rogue packets.
Modeling the energy consumption of an IDS: a step towards Green Security
MIGLIARDI, MAURO;
2011
Abstract
Due to the proliferation of wideband and Internet technologies in the last decade, the risk of security threats hidden in single packets arose. This had taken ISP networks to the adoption of Intrusion Detection Systems, enhancing the basic routing with packets inspection, in order to provide a secure connection service. Currently, packet analysis is provided by almost each ISP but it has a high impact in term of performance and energy consumption; this makes the choice of the optimal IDS strategy both a key and non-trivial issue. To this aim, IDS strategies have been deeply investigated in term of performance, while the assessment of the energy consumption is quite unexplored. In this paper, we propose the first attempt towards the assessment of the energy impact of security solutions. In particular, we provide a general model for evaluating the energy cost of distributed packet inspection in IDS and we show how it can be applied to two sample IDS strategies, in order to evaluate the energy leakage due to a late discovery of rogue packets.Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.