Article Preview
TopIntroduction
An intrusion detection system (IDS) provides active network security protection mechanisms that detect network anomalies to mitigate cybercriminal activities (Liang et al., 2019). An IDS keeps track of all incoming and outgoing network traffic to detect malicious packets (Liu & Lang, 2019; Rajasekaran, 2020; Taher et al., 2019). However, the basic operation of IDS through packet inspection and analysis burdens packet routing (Migliardi & Merlo, 2013). This leads to high memory and energy consumption, thereby reducing the reliability of the network traffic (Xia et al., 2015). The active exchanges of data between nodes on the network also degrade network performance (Manthira & Rajeswari, 2013). Thus, although intrusion detection systems offer predictive attack detection, conducting deep packet inspection increases the utilization of computing resources at the network element level (Baddar et al., 2018). Therefore, in the design of IDS, consideration should be made not only of the typologies (host-based IDS or network-based IDS) and the identification methods (anomaly-based IDS or signature-based IDS) but also of the algorithms that perform the packet inspection and analysis. These algorithms can have significant impacts on the overall network by consuming considerable amounts of energy and memory. This may decrease network Quality of Service (QoS). For instance, when the IDS consumes a large number of resources, the system will run out of resources and packet loss may occur. Eventually the network cannot provide services to the existing network traffic. Even with the introduction of large-scale computing devices, the extensive use of computer services can cause high energy misuse (Jiang & Xu, 2017).
In most computing systems, the central processing unit (CPU) and main memory are the two major sources of high energy consumption. Dayarathna et al. (2016) estimates that CPU consumes about 30%–60% of energy while the main memory uses 28%–40%. Thus, the CPU and memory usage are crucial performance variables for assessing the performance of IDS. Currently, much attention is focused on the architecture and deployment of low-power consumption systems for efficient energy performance of security systems (Tsikoudis et al., 2016). However, the energy and memory requirements of the algorithms implemented on these systems are still largely unchanged (Rashid et al., 2015). Accordingly, reducing the power consumption of network security solutions such as network intrusion detection systems (NIDS) decreases the operating costs of the devices (Tsikoudis et al., 2016). Besides, with machine learning algorithms analyzing network traffic, errors may be caused by memory depletion. This results in massive wastage of computational power as well as a substantial drop in process performance (Gao & Lin, 2020). Consequently, the memory and energy consumption of computing systems have become increasingly important (Zhang et al., 2021).