Department of National Defence taps Solana Networks to develop Proof-of-Concept Intrusion Detection System using Homomorphic Encryption
Solana Networks has been awarded a contract by Canada's Department of National Defence (DND) to develop a proof-of-concept (POC) Secure and Confidential Rule Matching (SCRM) tool.
Working with Carleton University, Solana Networks aims to develop an Intrusion Detection System (IDS) that can be securely deployed in third-party networks while keeping both its rules and the outcome of matching those rules against network traffic confidential from observers who have access to the IDS itself.
The work in this first phase of the project focuses on research and prototyping to establish the viability of a SCRM IDS built on Homomorphic Encryption (HE) as its foundational element. HE enables computation on encrypted data without any intermediate decryption: the result is itself encrypted, so it remains opaque even to an adversary who can observe every machine instruction the host executes. Note that HE protects the confidentiality of the rules and match results, not their integrity or availability; an operator who controls the host can still choose which traffic the IDS sees or withhold its output. The drawback of HE is cost: computation on ciphertexts is several orders of magnitude slower than the same computation on plaintext.
The completed POC SCRM system will support a subset of well-known Suricata IDS rules, including exact matches, wildcards, ranges, negation and limited regular expressions. Work during this phase also focuses on scaling system performance towards future deployment on operational networks. The six-month project will deliver a working solution that ingests PCAP network traffic files; future iterations will extend it to operate on live network traffic.
Over the last decade, many researchers have worked to advance the application of HE in a number of domains, including genome searches, cloud-based systems and searches over encrypted databases. That research focused primarily on the dual-privacy problem: matching an encrypted string within a large body of already encrypted data. Far less effort has gone into the single-privacy problem of matching an encrypted string against unencrypted plaintext, which is exactly the setting of an IDS whose rules must stay secret while the traffic it inspects belongs to the network operator and is in the clear. This work will deliver one of the first proof-of-concept Suricata-style IDS solutions that use Homomorphic Encryption.
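To make the single-privacy setting concrete, here is an added example, written for this page and not code from Solana Networks, Carleton University or the SCRM project, of matching an encrypted rule against plaintext traffic with the additively homomorphic Paillier cryptosystem. The rule owner encrypts each pattern byte together with a mask that marks wildcard positions; the evaluator, holding only the public key and the plaintext bytes, computes a blinded encrypted score for every offset; only the rule owner can decrypt it, and a zero means the rule matched there. Everything here is constructed: the rule syntax (`?` as a single-byte wildcard), the sample traffic, and the key, which is built from two fixed Mersenne primes so the example runs deterministically offline (a real deployment would generate fresh primes of at least 1024 bits each). It covers only exact matches and wildcards, not the ranges, negation or regular expressions the project plans to support.

```python
import math
import secrets

# Toy key from two fixed, well-known Mersenne primes (assumption made for
# this example so it is self-contained; never reuse fixed primes in practice).
TOY_P = (1 << 127) - 1
TOY_Q = (1 << 89) - 1


class Paillier:
    """Minimal Paillier cryptosystem: additively homomorphic, so anyone holding
    the public key (n) can add ciphertexts and multiply them by plaintext
    constants; only the private key (lam, mu) can decrypt."""

    def __init__(self, p, q):
        self.n = p * q
        self.n2 = self.n * self.n
        self.g = self.n + 1
        self.lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p-1, q-1)
        self.mu = pow(self._L(pow(self.g, self.lam, self.n2)), -1, self.n)

    def _L(self, x):
        return (x - 1) // self.n

    def encrypt(self, m):  # public-key operation, randomized
        while True:
            r = secrets.randbelow(self.n - 1) + 1
            if math.gcd(r, self.n) == 1:
                break
        return pow(self.g, m % self.n, self.n2) * pow(r, self.n, self.n2) % self.n2

    def decrypt(self, c):  # private-key operation
        return self._L(pow(c, self.lam, self.n2)) * self.mu % self.n

    def add(self, c1, c2):  # E(a) * E(b) = E(a + b)
        return c1 * c2 % self.n2

    def mul_const(self, c, k):  # E(a)^k = E(k * a); k may be negative
        return pow(c, k, self.n2)


def rule_from_text(text, wildcard="?"):
    """Constructed rule syntax: literal bytes, with `wildcard` matching any byte."""
    return [None if ch == wildcard else ord(ch) for ch in text]


def encrypt_rule(key, pattern):
    """Rule owner: per position emit (E(m), E(m*p), E(m*p^2)) where m = 1 for a
    literal byte p and m = 0 for a wildcard. Paillier is randomized, so the
    evaluator cannot tell E(0) from E(p) and learns neither the bytes nor the
    wildcard positions; only the pattern length is visible."""
    enc = []
    for sym in pattern:
        m, p = (0, 0) if sym is None else (1, sym)
        enc.append((key.encrypt(m), key.encrypt(m * p), key.encrypt(m * p * p)))
    return enc


def match_scores(key, enc_rule, traffic):
    """Evaluator (third-party network: plaintext traffic, public key only).
    For each offset j compute E(r_j * sum_i m_i * (w[j+i] - p_i)^2) using the
    identity m*w^2 - 2*w*(m*p) + (m*p^2) = m*(w - p)^2. The sum is 0 exactly
    when every non-wildcard byte matches; the random blinding factor r_j hides
    how far a non-matching window was from matching."""
    scores = []
    for j in range(len(traffic) - len(enc_rule) + 1):
        acc = key.encrypt(0)
        for i, (em, emp, emp2) in enumerate(enc_rule):
            w = traffic[j + i]
            term = key.add(key.mul_const(em, w * w), key.mul_const(emp, -2 * w))
            acc = key.add(acc, key.add(term, emp2))
        r = secrets.randbelow(key.n - 1) + 1
        scores.append((j, key.mul_const(acc, r)))
    return scores


def matching_offsets(key, scores):
    """Rule owner: decrypt the blinded scores; 0 means the rule matched there."""
    return [j for j, c in scores if key.decrypt(c) == 0]


def demo():
    key = Paillier(TOY_P, TOY_Q)
    enc_rule = encrypt_rule(key, rule_from_text("GET /cgi-bin/?"))
    # Constructed byte strings standing in for payload bytes read from a PCAP.
    hit = b"HTTP GET /cgi-bin/x HTTP/1.1"
    miss = b"GET /index.html"
    return (matching_offsets(key, match_scores(key, enc_rule, hit)),
            matching_offsets(key, match_scores(key, enc_rule, miss)))


if __name__ == "__main__":
    print(demo())  # ([5], [])
```

The per-offset cost is one modular exponentiation per rule byte on a modulus the square of n, which is why the page's "several orders of magnitude slower" holds even for this simplest rule type; the blinding step is what keeps the decrypted output binary (match or not) rather than leaking a distance that the rule owner could otherwise use to reconstruct traffic bytes it should not see.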