A study on characterizing energy, latency and security for Intrusion Detection Systems on heterogeneous embedded platforms

IF 6.2 2区 计算机科学 Q1 COMPUTER SCIENCE, THEORY & METHODS
Camélia Slimani , Louis Morge-Rollet , Laurent Lemarchand , David Espes , Frédéric Le Roy , Jalil Boukhobza
{"title":"A study on characterizing energy, latency and security for Intrusion Detection Systems on heterogeneous embedded platforms","authors":"Camélia Slimani ,&nbsp;Louis Morge-Rollet ,&nbsp;Laurent Lemarchand ,&nbsp;David Espes ,&nbsp;Frédéric Le Roy ,&nbsp;Jalil Boukhobza","doi":"10.1016/j.future.2024.07.051","DOIUrl":null,"url":null,"abstract":"<div><p>Drone swarms are increasingly being used for critical missions and need to be protected against malicious users. Intrusion Detection Systems (IDS) are used to analyze network traffic in order to detect possible threats. Modern IDSs rely on machine learning models for this purpose. Optimizing the execution of resource-hungry IDS algorithms on resource-constrained drone devices, in terms of energy consumption, response time, memory footprint and guaranteed level of security, allows to extend the duration of missions. In addition, the embedded platforms used in drones often incorporate heterogeneous computing platforms on which IDSs could be executed. In this paper, we present a methodology and results about characterizing the execution of different IDS models on various processing elements, namely, Central Processing Units (CPU), Graphical Processing Units (GPU), Deep Learning Accelerators (DLA) and Field-Programmable Gate Array (FPGA). In effect, drones operate in different mission contexts in terms of criticality level, energy and memory budgets, and traffic load, so it is important to identify which IDS model to run on which processing element in a given context. For this sake, we evaluated several metrics on different platforms: energy and resource consumption, accuracy for malicious traffic detection and response time. Different models, namely Random Forests (RF), Convolutional Neural Networks (CNN) and Dense Neural Networks (DNN), have been implemented and characterized on different processing elements/platforms. This study has shown that relating the chosen implementation to the resources available on the drone is a judicious strategy to work on. It highlights the disparity between IDS implementations characteristics. For example, the inference time ranges from <span><math><mrow><mn>1</mn><mo>.</mo><mn>27</mn><mspace></mspace><mi>μ</mi><mi>s</mi></mrow></math></span> to 30 ms, the energy consumption per inference is between <span><math><mrow><mn>10</mn><mo>.</mo><mn>7</mn><mspace></mspace><mi>μ</mi><mi>J</mi></mrow></math></span> and 70 mJ, and the accuracy of the IDS models is between 65.73% and 81.59%. In addition, we develop a set of guidelines for choosing the best IDS model given a mission context.</p></div>","PeriodicalId":55132,"journal":{"name":"Future Generation Computer Systems-The International Journal of Escience","volume":null,"pages":null},"PeriodicalIF":6.2000,"publicationDate":"2024-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Future Generation Computer Systems-The International Journal of Escience","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167739X24004242","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
引用次数: 0

Abstract

Drone swarms are increasingly being used for critical missions and need to be protected against malicious users. Intrusion Detection Systems (IDS) are used to analyze network traffic in order to detect possible threats. Modern IDSs rely on machine learning models for this purpose. Optimizing the execution of resource-hungry IDS algorithms on resource-constrained drone devices, in terms of energy consumption, response time, memory footprint and guaranteed level of security, allows to extend the duration of missions. In addition, the embedded platforms used in drones often incorporate heterogeneous computing platforms on which IDSs could be executed. In this paper, we present a methodology and results about characterizing the execution of different IDS models on various processing elements, namely, Central Processing Units (CPU), Graphical Processing Units (GPU), Deep Learning Accelerators (DLA) and Field-Programmable Gate Array (FPGA). In effect, drones operate in different mission contexts in terms of criticality level, energy and memory budgets, and traffic load, so it is important to identify which IDS model to run on which processing element in a given context. For this sake, we evaluated several metrics on different platforms: energy and resource consumption, accuracy for malicious traffic detection and response time. Different models, namely Random Forests (RF), Convolutional Neural Networks (CNN) and Dense Neural Networks (DNN), have been implemented and characterized on different processing elements/platforms. This study has shown that relating the chosen implementation to the resources available on the drone is a judicious strategy to work on. It highlights the disparity between IDS implementations characteristics. For example, the inference time ranges from 1.27μs to 30 ms, the energy consumption per inference is between 10.7μJ and 70 mJ, and the accuracy of the IDS models is between 65.73% and 81.59%. In addition, we develop a set of guidelines for choosing the best IDS model given a mission context.

异构嵌入式平台上入侵检测系统的能量、延迟和安全性特征研究
无人机群越来越多地用于执行关键任务,因此需要防范恶意用户。入侵检测系统(IDS)用于分析网络流量,以检测可能存在的威胁。现代 IDS 依靠机器学习模型来实现这一目的。在能源消耗、响应时间、内存占用和保证的安全级别方面,在资源受限的无人机设备上优化执行资源消耗大的 IDS 算法,可以延长任务的持续时间。此外,无人机中使用的嵌入式平台通常包含异构计算平台,可以在这些平台上执行 IDS。在本文中,我们介绍了在各种处理元件(即中央处理器(CPU)、图形处理单元(GPU)、深度学习加速器(DLA)和现场可编程门阵列(FPGA))上执行不同 IDS 模型的方法和结果。实际上,无人机在不同的任务环境中工作,其关键程度、能源和内存预算以及流量负载都不尽相同,因此,确定在特定环境中运行哪种 IDS 模型、在哪种处理元件上运行非常重要。为此,我们在不同平台上评估了几个指标:能源和资源消耗、恶意流量检测的准确性和响应时间。我们在不同的处理元件/平台上实施了不同的模型,即随机森林(RF)、卷积神经网络(CNN)和密集神经网络(DNN)。这项研究表明,将所选的实现方式与无人机上的可用资源联系起来是一种明智的工作策略。它突出了 IDS 实现特性之间的差异。例如,推理时间从 1.27μs 到 30 ms 不等,每次推理的能耗在 10.7μJ 到 70 mJ 之间,IDS 模型的准确率在 65.73% 到 81.59% 之间。此外,我们还开发了一套指南,用于在任务环境下选择最佳 IDS 模型。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
CiteScore
19.90
自引率
2.70%
发文量
376
审稿时长
10.6 months
期刊介绍: Computing infrastructures and systems are constantly evolving, resulting in increasingly complex and collaborative scientific applications. To cope with these advancements, there is a growing need for collaborative tools that can effectively map, control, and execute these applications. Furthermore, with the explosion of Big Data, there is a requirement for innovative methods and infrastructures to collect, analyze, and derive meaningful insights from the vast amount of data generated. This necessitates the integration of computational and storage capabilities, databases, sensors, and human collaboration. Future Generation Computer Systems aims to pioneer advancements in distributed systems, collaborative environments, high-performance computing, and Big Data analytics. It strives to stay at the forefront of developments in grids, clouds, and the Internet of Things (IoT) to effectively address the challenges posed by these wide-area, fully distributed sensing and computing systems.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信