Advertisement

NetStage/DPR: A Self-adaptable FPGA Platform for Application-Level Network Security

  • Sascha Mühlbach
  • Andreas Koch
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6578)

Abstract

Increasing transmission speeds in high-performance networks pose significant challenges to protecting the systems and networking infrastructure. Reconfigurable devices have already been used with great success to implement lower-levels of appropriate security measures (e.g., deep-packet inspection). We present a reconfigurable processing architecture capable of handling even application-level tasks, and also able to autonomously adapt itself to varying traffic patterns using dynamic partial reconfiguration. As a first use-case, we examine the collection of Malware by emulating an entire honeynet of potentially hundreds of thousands of hosts using a single-chip implementation of the architecture.

Keywords

Intrusion Detection System Packet Forward Incoming Packet Adaptation Engine Rule Table 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Alserhani, F., Akhlaq, M., Awan, I.U., Mellor, J., Cullen, A.J., Mirchandani, P.: Evaluating Intrusion Detection Systems in High Speed Networks. In: Proc. of the 5th. Intl. Conf. on Information Assurance and Security, vol. 02, pp. 454–459 (2009)Google Scholar
  2. 2.
    Flynn, A., Gordon-Ross, A., George, A.D.: Bitstream relocation with local clock domains for partially reconfigurable FPGAs. In: Proc. of the Conference on Design, Automation and Test in Europe, pp. 300–303 (2009)Google Scholar
  3. 3.
    Hori, Y., Satoh, A., Sakane, H., Toda, K.: Bitstream Encryption and Authentication Using AES-GCM in Dynamically Reconfigurable Systems. In: Proc. of the 3rd Intl. Workshop on Security, pp. 261–278 (2008)Google Scholar
  4. 4.
    Katashita, T., Yamaguchi, Y., Maeda, A., Toda, K.: FPGA-Based Intrusion Detection System for 10 Gigabit Ethernet. IEICE - Trans. Inf. Syst. E90-D, 1923–1931 (2007)CrossRefGoogle Scholar
  5. 5.
    Koch, D., Beckhoff, C., Teich, J.: Bitstream Decompression for High Speed FPGA Configuration from Slow Memories. In: Proc. of the Intl. Conference on Field-Programmable Technology (2007)Google Scholar
  6. 6.
    Litchfield, D.: Microsoft SQL Server 2000 Unauthenticated System Compromise (2000), http://marc.info/?l=bugtraq&m=102760196931518&w=2
  7. 7.
    Liu, M., Kuehn, W., Lu, Z., Jantsch, A.: Run-time Partial Reconfiguration Speed Investigation and Architectural Design Space Exploration. In: Proc. of the Intl. Conference on Field Programmable Logic and Applications (2009)Google Scholar
  8. 8.
    Mühlbach, S., Brunner, M., Roblee, C., Koch, A.: Malcobox: Designing a 10 gb/s malware collection honeypot using reconfigurable technology. In: Proc. of the 20th Intl. Conf. on Field Programmable Logic and Applications, pp. 592–595 (2010)Google Scholar
  9. 9.
    Mühlbach, S., Koch, A.: A dynamically reconfigured network platform for high-speed malware collection. In: Proc. of the Intl. Conf. on ReConFigurable Computing and FPGAs (2010)Google Scholar
  10. 10.
    Pejovic, V., Kovacevic, I., Bojanic, S., Leita, C., Popovic, J., Nieto-Taladriz, O.: Migrating a Honeypot to Hardware. In: Proc. of the Intl. Conf. on Emerging Security Information, Systems, and Technologies, pp. 151–156 (2007)Google Scholar
  11. 11.
    Singaraju, J., Chandy, J.A.: FPGA based string matching for network processing applications. Microprocessors and Microsystems 32(4), 210–222 (2008)CrossRefGoogle Scholar
  12. 12.
    Thumann, M.: Buffer Overflow in SIP Foundry’s SipXtapi (2006), http://www.securityfocus.com/archive/1/439617

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Sascha Mühlbach
    • 1
  • Andreas Koch
    • 2
  1. 1.Secure Things GroupCenter for Advanced Security Research Darmstadt (CASED)Germany
  2. 2.Embedded Systems and Applications Group, Dept. of Computer ScienceTechnische Universität DarmstadtGermany

Personalised recommendations