ACM Transactions on Computer Systems (TOCS)
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
NetFPGA--An Open Platform for Gigabit-Rate Network Switching and Routing
MSE '07 Proceedings of the 2007 IEEE International Conference on Microelectronic Systems Education
Migrating a HoneyDepot to Hardware
SECUREWARE '07 Proceedings of the The International Conference on Emerging Security Information, Systems, and Technologies
FPGA-Based Intrusion Detection System for 10 Gigabit Ethernet
IEICE - Transactions on Information and Systems
A modular NFA architecture for regular expression matching
Proceedings of the 18th annual ACM/SIGDA international symposium on Field programmable gate arrays
Chimpp: a click-based programming and simulation environment for reconfigurable networking hardware
Proceedings of the 6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Automation Framework for Large-Scale Regular Expression Matching on FPGA
FPL '10 Proceedings of the 2010 International Conference on Field Programmable Logic and Applications
MalCoBox: Designing a 10 Gb/s Malware Collection Honeypot Using Reconfigurable Technology
FPL '10 Proceedings of the 2010 International Conference on Field Programmable Logic and Applications
NetStage/DPR: a self-adaptable FPGA platform for application-level network security
ARC'11 Proceedings of the 7th international conference on Reconfigurable computing: architectures, tools and applications
| Hi-index | 0.00 |
While the use of reconfigurable computing for tasks such as packet header processing or deep packet-inspection in high-speed networks has been widely studied, efforts to extend the technology to application-level processing have only recently been made. One issue that has prevented wider use of reconfigurable platforms in that context is the unfamiliar programming environment: Such systems commonly require expertise in computer architecture and digital logic design generally foreign to networking experts. To make the technology more accessible to potential users, we present the high-level domain-specific language Malacoda for application-level network processing and an associated compiler that automatically translates Malacoda descriptions into high-performance hardware blocks for insertion into an FPGA-based processing platform. We evaluate our approach on the use-case of a hardware-accelerated secure honeypot-in-a-box, programmed in Malacoda, and implemented on the NetFPGA 10G board. Results from a live-test of the system connected to a 10G Internet uplink complete the evaluation.