There appears to be a dearth of research on the utilization of homomorphic encryption in network intrusion detection, particularly in the analysis of private network data and the development of intrusion detection models based on encrypted data or private inference. Although there are numerous studies on the application of homomorphic encryption in private medical data analysis, the same cannot be said for network traffic analysis. I am interested in exploring this area and investigating how homomorphic encryption can be employed to construct a secure IDS model from confidential data for my PhD research. however, I am afraid that it is not feasible. I need the professional's opinion in this regard.
Thanks
Hi Tahira Khoram,
Good Point you have addressed. The main purpose of IDS is to detect the intrusion. And Sometimes in the IDS the traffic will be too much.
Homomorphic encryption is a very good technique to do the processing on the encrypted data itself. At the same time, it's hard to achieve the performance while we talk about IDS.
For medical data, security is more important than the performance. In case of IDS, more than security, performance is important.
Even if you put homomorphic encryption on IDS, what will happen? the task of IDS is to analyze the pattern and behavior of malware. if it finds a particular syntax or pattern, it will say there is an intrusion. how will you put homomorphic encryption? how will you make the IDS do the computation on encrypted malware signature? more efforts needs to be made.
Thank you Krunalkumar Shah
I have been considering the development of an anomaly-based IDS model that utilizes ML algorithms. The model could be trained on homomorphically encrypted data, which would enable it to learn patterns of intrusion from encrypted traffic data without compromising privacy. This would offer an alternative to current IDS methods that rely on either signature-based or anomaly-based models trained on synthetic data, as actual network traffic data is not typically used due to privacy concerns. Alternatively, homomorphic encryption could also be used in outsourcing security analysis to a third-party cloud, ensuring the privacy of the data being analyzed.
That's true Tahira Khoram But again the point is, if you use homomorphic encryption, it would affect the performance and throughput. I agree, it will add the security but the time taken to do the computation would affect the availability.
- Badges
- Science topic
- Similar topics
- Geoscience
- Cartography
- Mapping