Modeling the energy consumption of Distributed IDS: a step towards Green Security

ABSTRACT – Due to the proliferation of wideband and Internet technologies in the last decade, the risk of security threats hidden in single packets arose. This had taken ISP networks to the adoption of Intrusion Detection Systems, enhancing the basic routing with packets inspection, in order to provide a secure connection service. Currently, packet analysis is provided by almost each ISP but it has a high impact in term of performance and energy consumption; this makes the choice of the optimal IDS strategy both a key and non-trivial issue. To this aim, IDS strategies have been deeply investigated in term of performance, while the assessment of the energy consumption is quite unexplored. In this paper, we propose the first attempt towards the assessment of the energy impact of security solutions. In particular, we provide a general model for evaluating the energy cost of distributed packet inspection in IDS and we show how it can be applied to two sample IDS strategies, in order to evaluate the energy leakage due to a late discovery of rogue packets.