ARC 2011: Reconfigurable Computing: Architectures, Tools and Applications pp 328-339
NetStage/DPR: A Self-adaptable FPGA Platform for Application-Level Network Security
Abstract
Increasing transmission speeds in high-performance networks pose significant challenges to protecting the systems and networking infrastructure. Reconfigurable devices have already been used with great success to implement the lower levels of appropriate security measures (e.g., deep-packet inspection). We present a reconfigurable processing architecture capable of handling even application-level tasks, and also able to autonomously adapt itself to varying traffic patterns using dynamic partial reconfiguration. As a first use case, we examine the collection of malware by emulating an entire honeynet of potentially hundreds of thousands of hosts using a single-chip implementation of the architecture.
Keywords
Intrusion Detection System; Packet Forward; Incoming Packet; Adaptation Engine; Rule Table