Camélia Slimani , Louis Morge-Rollet , Laurent Lemarchand , David Espes , Frédéric Le Roy , Jalil Boukhobza
{"title":"A study on characterizing energy, latency and security for Intrusion Detection Systems on heterogeneous embedded platforms","authors":"Camélia Slimani , Louis Morge-Rollet , Laurent Lemarchand , David Espes , Frédéric Le Roy , Jalil Boukhobza","doi":"10.1016/j.future.2024.07.051","DOIUrl":null,"url":null,"abstract":"<div><p>Drone swarms are increasingly being used for critical missions and need to be protected against malicious users. Intrusion Detection Systems (IDS) are used to analyze network traffic in order to detect possible threats. Modern IDSs rely on machine learning models for this purpose. Optimizing the execution of resource-hungry IDS algorithms on resource-constrained drone devices, in terms of energy consumption, response time, memory footprint and guaranteed level of security, allows to extend the duration of missions. In addition, the embedded platforms used in drones often incorporate heterogeneous computing platforms on which IDSs could be executed. In this paper, we present a methodology and results about characterizing the execution of different IDS models on various processing elements, namely, Central Processing Units (CPU), Graphical Processing Units (GPU), Deep Learning Accelerators (DLA) and Field-Programmable Gate Array (FPGA). In effect, drones operate in different mission contexts in terms of criticality level, energy and memory budgets, and traffic load, so it is important to identify which IDS model to run on which processing element in a given context. For this sake, we evaluated several metrics on different platforms: energy and resource consumption, accuracy for malicious traffic detection and response time. Different models, namely Random Forests (RF), Convolutional Neural Networks (CNN) and Dense Neural Networks (DNN), have been implemented and characterized on different processing elements/platforms. This study has shown that relating the chosen implementation to the resources available on the drone is a judicious strategy to work on. It highlights the disparity between IDS implementations characteristics. For example, the inference time ranges from <span><math><mrow><mn>1</mn><mo>.</mo><mn>27</mn><mspace></mspace><mi>μ</mi><mi>s</mi></mrow></math></span> to 30 ms, the energy consumption per inference is between <span><math><mrow><mn>10</mn><mo>.</mo><mn>7</mn><mspace></mspace><mi>μ</mi><mi>J</mi></mrow></math></span> and 70 mJ, and the accuracy of the IDS models is between 65.73% and 81.59%. In addition, we develop a set of guidelines for choosing the best IDS model given a mission context.</p></div>","PeriodicalId":55132,"journal":{"name":"Future Generation Computer Systems-The International Journal of Escience","volume":null,"pages":null},"PeriodicalIF":6.2000,"publicationDate":"2024-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Future Generation Computer Systems-The International Journal of Escience","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167739X24004242","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
引用次数: 0
Abstract
Drone swarms are increasingly being used for critical missions and need to be protected against malicious users. Intrusion Detection Systems (IDS) are used to analyze network traffic in order to detect possible threats. Modern IDSs rely on machine learning models for this purpose. Optimizing the execution of resource-hungry IDS algorithms on resource-constrained drone devices, in terms of energy consumption, response time, memory footprint and guaranteed level of security, allows to extend the duration of missions. In addition, the embedded platforms used in drones often incorporate heterogeneous computing platforms on which IDSs could be executed. In this paper, we present a methodology and results about characterizing the execution of different IDS models on various processing elements, namely, Central Processing Units (CPU), Graphical Processing Units (GPU), Deep Learning Accelerators (DLA) and Field-Programmable Gate Array (FPGA). In effect, drones operate in different mission contexts in terms of criticality level, energy and memory budgets, and traffic load, so it is important to identify which IDS model to run on which processing element in a given context. For this sake, we evaluated several metrics on different platforms: energy and resource consumption, accuracy for malicious traffic detection and response time. Different models, namely Random Forests (RF), Convolutional Neural Networks (CNN) and Dense Neural Networks (DNN), have been implemented and characterized on different processing elements/platforms. This study has shown that relating the chosen implementation to the resources available on the drone is a judicious strategy to work on. It highlights the disparity between IDS implementations characteristics. For example, the inference time ranges from to 30 ms, the energy consumption per inference is between and 70 mJ, and the accuracy of the IDS models is between 65.73% and 81.59%. In addition, we develop a set of guidelines for choosing the best IDS model given a mission context.
期刊介绍:
Computing infrastructures and systems are constantly evolving, resulting in increasingly complex and collaborative scientific applications. To cope with these advancements, there is a growing need for collaborative tools that can effectively map, control, and execute these applications.
Furthermore, with the explosion of Big Data, there is a requirement for innovative methods and infrastructures to collect, analyze, and derive meaningful insights from the vast amount of data generated. This necessitates the integration of computational and storage capabilities, databases, sensors, and human collaboration.
Future Generation Computer Systems aims to pioneer advancements in distributed systems, collaborative environments, high-performance computing, and Big Data analytics. It strives to stay at the forefront of developments in grids, clouds, and the Internet of Things (IoT) to effectively address the challenges posed by these wide-area, fully distributed sensing and computing systems.