Snort Intrusion Detection System with Intel Software Guard Extension (Intel SGX)

Notice: This research summary and analysis were automatically generated using AI technology. For absolute accuracy, please refer to the original arXiv source.

Network Function Virtualization (NFV) promises the benefits of reduced infrastructure, personnel, and management costs by outsourcing network middleboxes to the public or private cloud. Unfortunately, running network functions in the cloud entails security challenges, especially for complex stateful services. In this paper, we describe our experiences with hardening the king of middleboxes - Intrusion Detection Systems (IDS) - using Intel Software Guard Extensions (Intel SGX) technology. Our IDS secured using Intel SGX, called SEC-IDS, is an unmodified Snort 3 with a DPDK network layer that achieves 10Gbps line rate. SEC-IDS guarantees computational integrity by running all Snort code inside an Intel SGX enclave. At the same time, SEC-IDS achieves near-native performance, with throughput close to 100 percent of vanilla Snort 3, by retaining network I/O outside of the enclave. Our experiments indicate that performance is only constrained by the modest Enclave Page Cache size available on current Intel SGX Skylake-based E3 Xeon platforms. Finally, we kept the porting effort minimal by using the Graphene-SGX library OS. Only 27 Lines of Code (LoC) were modified in Snort and 178 LoC in Graphene-SGX itself.


💡 Research Summary

The paper presents a practical approach to hardening the most widely deployed intrusion detection system, Snort 3, for deployment in untrusted cloud environments by leveraging Intel Software Guard Extensions (SGX). The authors introduce SEC‑IDS, a version of Snort that runs its entire detection logic inside an SGX enclave while keeping the high‑throughput packet I/O path outside the enclave using the Data Plane Development Kit (DPDK). This architectural split addresses the two main challenges of SGX‑based network functions: (1) the limited size of the Enclave Page Cache (EPC), which makes frequent page swaps a performance bottleneck, and (2) the need to maintain line‑rate packet processing (10 Gbps) despite the overhead of enclave transitions.

To minimize engineering effort, the authors adopt Graphene‑SGX, a library operating system that enables unmodified Linux binaries to execute inside SGX enclaves. By using Graphene‑SGX, only 27 lines of code in Snort were altered (primarily to redirect file I/O and define the enclave entry point), and an additional 178 lines were added to Graphene‑SGX itself to support EPC management and SGX‑specific system‑call handling. This minimal code footprint demonstrates that existing open‑source middleboxes can be protected with modest changes, a key advantage for rapid adoption in production environments.

The performance evaluation focuses on two metrics: throughput and latency. In scenarios where the working set fits within the EPC (the typical case for many IDS deployments), SEC‑IDS achieves 95%–100% of the throughput of vanilla Snort 3, with negligible added latency. When the workload exceeds the EPC capacity, page‑fault‑driven swaps cause a sharp degradation, confirming that the current SGX hardware’s EPC size is the primary performance limiter. The authors argue that future CPUs with larger EPCs or software techniques that better manage enclave memory will alleviate this bottleneck.
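The EPC cliff described above can be reproduced with a small page-cache model. The following is an added example, not code from the SEC-IDS paper, Snort or Graphene-SGX: it assumes the EPC behaves as a fixed-size LRU page cache and that the detector scans its whole working set (standing in for Snort's pattern-matching tables) once per packet. The page counts and the per-access and per-swap costs are constructed placeholders, not measured SGX figures; the shape of the result, not the absolute numbers, is what the model shows.

```python
"""Toy model of Enclave Page Cache (EPC) pressure on a detector.

Added example; not code from the SEC-IDS paper, Snort or Graphene-SGX.
Assumes an EPC managed as a fixed-size LRU page cache and a detector
whose per-packet work scans its entire working set.  Page counts and
costs below are constructed placeholders.
"""
from collections import OrderedDict


class EpcModel:
    """Fixed-capacity page set with LRU eviction; each eviction is a swap."""

    def __init__(self, epc_pages: int) -> None:
        self.epc_pages = epc_pages
        self.resident: "OrderedDict[int, None]" = OrderedDict()  # oldest first
        self.faults = 0
        self.accesses = 0

    def touch(self, page: int) -> bool:
        """Access one page; return True if it had to be paged in."""
        self.accesses += 1
        if page in self.resident:
            self.resident.move_to_end(page)      # now most recently used
            return False
        self.faults += 1
        if len(self.resident) >= self.epc_pages:
            self.resident.popitem(last=False)    # evict the LRU page (swap out)
        self.resident[page] = None
        return True

    def reset_counters(self) -> None:
        self.faults = 0
        self.accesses = 0


def run_workload(epc_pages: int, working_set_pages: int, packets: int,
                 page_cost_ns: float = 5.0,
                 fault_cost_ns: float = 40_000.0) -> dict:
    """Process `packets` packets, each scanning the working set sequentially.

    One untimed warm-up pass fills the EPC first, so the counters reflect
    steady state only.  Returns fault count, fault rate and an estimated
    per-packet cost / throughput under the constructed costs.
    """
    epc = EpcModel(epc_pages)
    for page in range(working_set_pages):      # warm-up: cold misses only
        epc.touch(page)
    epc.reset_counters()
    for _ in range(packets):
        for page in range(working_set_pages):
            epc.touch(page)
    faults_per_packet = epc.faults / packets
    ns_per_packet = (working_set_pages * page_cost_ns
                     + faults_per_packet * fault_cost_ns)
    return {
        "faults": epc.faults,
        "fault_rate": epc.faults / epc.accesses,
        "ns_per_packet": ns_per_packet,
        "packets_per_sec": 1e9 / ns_per_packet,
    }


def relative_throughput(epc_pages: int, working_set_pages: int,
                        packets: int = 50) -> float:
    """Throughput with a limited EPC relative to an EPC large enough to
    hold the whole working set (the 'vanilla' baseline in the summary)."""
    baseline = run_workload(working_set_pages, working_set_pages, packets)
    limited = run_workload(epc_pages, working_set_pages, packets)
    return limited["packets_per_sec"] / baseline["packets_per_sec"]


if __name__ == "__main__":
    EPC = 1024                                   # constructed: pages in the EPC
    for ws in (512, 1000, 1024, 1100, 2048):
        r = run_workload(EPC, ws, packets=50)
        print(f"working set {ws:5d} pages: fault rate {r['fault_rate']:.2f}, "
              f"throughput {relative_throughput(EPC, ws):.4f} of baseline")
```

With a sequential scan and LRU replacement the model thrashes completely as soon as the working set exceeds the EPC by even a single page, which is the worst case; real EPC paging degrades more gradually for other access patterns, but the threshold behaviour is the same one the evaluation reports.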

From a security perspective, SEC‑IDS provides strong guarantees of code integrity and data confidentiality. All detection logic, rule matching, and alert generation occur inside the enclave, preventing a malicious cloud provider or compromised host OS from tampering with the IDS or exfiltrating sensitive inspection data. Remote attestation can be used to verify the enclave’s identity and integrity before deployment, enabling trustworthy IDS services in multi‑tenant clouds. Moreover, Graphene‑SGX’s virtual file system allows secure logging and alert export, supporting incident response and forensic analysis without exposing the enclave’s internal state.
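The architectural split (detection logic inside the enclave, packet I/O outside) and the integrity-protected alert export described in the two passages above can be sketched together in one toy model. This is an added example, not code from the paper, Snort, DPDK or Graphene-SGX; the "enclave" is an ordinary Python object, so nothing is actually isolated. The point is which data crosses the boundary, how batching bounds the number of enclave transitions, and how a verifier holding the key obtained through attestation can detect modification, reordering or truncation of the exported alert log. The packets, rules, key and the `Enclave`/`UntrustedHost` classes are all constructed for illustration.

```python
"""Toy model of the SEC-IDS split: packet I/O on the untrusted host,
detection state and alert export inside the enclave.

Added example; not code from the paper, Snort, DPDK or Graphene-SGX.
The 'enclave' is a plain object (no real isolation).  Packets, rules
and the key are constructed.
"""
import hashlib
import hmac
import math

# Constructed sample traffic and a few Snort-style content rules.
PACKETS = [
    b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n",
    b"GET /../../etc/passwd HTTP/1.1\r\nHost: example.test\r\n",
    b"\x00\x01\x02\x03 keepalive",
    b"POST /login HTTP/1.1\r\n\r\nuser=admin' OR 1=1--&pw=x",
] * 5
RULES = [("1000001", b"/etc/passwd"), ("1000002", b"' OR 1=1")]
SEALING_KEY = b"constructed-32-byte-enclave-key!"  # in practice: sealed / attested


class Enclave:
    """Holds rules, detection state and the key; only alert records leave it."""

    def __init__(self, rules, key):
        self._rules = rules
        self._key = key
        self._chain = bytes(32)   # running MAC chain over exported alerts
        self.ecalls = 0           # enclave transitions observed

    def inspect_batch(self, batch):
        """One ECALL: scan a batch of packets, return MAC-chained alert records."""
        self.ecalls += 1
        records = []
        for pkt in batch:
            for rule_id, pattern in self._rules:
                if pattern in pkt:
                    rec = rule_id.encode() + b"|" + pkt[:24]
                    tag = hmac.new(self._key, self._chain + rec, hashlib.sha256).digest()
                    self._chain = tag
                    records.append((rec, tag))
        return records

    def chain_head(self):
        """Final chain value; an attested report would carry this to the verifier."""
        return self._chain


class UntrustedHost:
    """Stands in for the DPDK poll loop: owns NIC queues, hands batches in."""

    def __init__(self, enclave, batch_size):
        self.enclave = enclave
        self.batch_size = batch_size

    def run(self, packets):
        log = []
        for i in range(0, len(packets), self.batch_size):
            log.extend(self.enclave.inspect_batch(packets[i:i + self.batch_size]))
        return log


def expected_ecalls(n_packets, batch_size):
    """Transitions needed for n packets at a given batch size."""
    return math.ceil(n_packets / batch_size)


def verify_alert_log(log, key, head):
    """Verifier side: recompute the chain.  A modified, reordered or
    truncated log (the host can read it but never sees the key) fails."""
    chain = bytes(32)
    for rec, tag in log:
        expected = hmac.new(key, chain + rec, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return False
        chain = expected
    return hmac.compare_digest(chain, head)


if __name__ == "__main__":
    for batch in (1, 8, 32):
        host = UntrustedHost(Enclave(RULES, SEALING_KEY), batch)
        log = host.run(PACKETS)
        ok = verify_alert_log(log, SEALING_KEY, host.enclave.chain_head())
        print(f"batch {batch:2d}: {host.enclave.ecalls} ECALLs for {len(PACKETS)} "
              f"packets, {len(log)} alerts, log verifies: {ok}")
```

The batch size is the knob that trades enclave-transition overhead against per-packet latency; the chain head is what the verifier needs beyond the records themselves, since a bare hash chain cannot by itself detect a log that was cut short.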

The paper concludes that protecting stateful, performance‑critical network functions with SGX is feasible when the I/O path is kept outside the enclave and when a lightweight library OS such as Graphene‑SGX is employed. The authors suggest several avenues for future work: scaling the approach to multiple cooperating enclaves, extending the methodology to other NFV components (e.g., firewalls, load balancers), and exploring compiler‑ or runtime‑assisted techniques to reduce EPC pressure. Overall, the study provides a concrete, reproducible blueprint for deploying secure, near‑native‑performance IDS services in modern cloud infrastructures.

