Assisting Network Intrusion Detection with Reconfigurable Hardware
FCCM '02 Proceedings of the 10th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Scalable Pattern Matching for High Speed Networks
FCCM '04 Proceedings of the 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Pre-Decoded CAMs for Efficient and High-Speed NIDS Pattern Matching
FCCM '04 Proceedings of the 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
Fast Regular Expression Matching Using FPGAs
FCCM '01 Proceedings of the the 9th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
ScriptGen: an automated script generation tool for honeyd
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Entropy Based Worm and Anomaly Detection in Fast IP Networks
WETICE '05 Proceedings of the 14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise
DynaCORE — A Dynamically Reconfigurable Coprocessor Architecture for Network Processors
PDP '06 Proceedings of the 14th Euromicro International Conference on Parallel, Distributed, and Network-Based Processing
NetFPGA--An Open Platform for Gigabit-Rate Network Switching and Routing
MSE '07 Proceedings of the 2007 IEEE International Conference on Microelectronic Systems Education
Migrating a HoneyDepot to Hardware
SECUREWARE '07 Proceedings of the The International Conference on Emerging Security Information, Systems, and Technologies
FPGA based string matching for network processing applications
Microprocessors & Microsystems
Reducing False Alarm Rate in Anomaly Detection with Layered Filtering
ICCS '08 Proceedings of the 8th international conference on Computational Science, Part I
A Novel Embedded Accelerator for Online Detection of Shrew DDoS Attacks
NAS '08 Proceedings of the 2008 International Conference on Networking, Architecture, and Storage
Bitstream Encryption and Authentication Using AES-GCM in Dynamically Reconfigurable Systems
IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
FPGA-Based Intrusion Detection System for 10 Gigabit Ethernet
IEICE - Transactions on Information and Systems
Evaluating Intrusion Detection Systems in High Speed Networks
IAS '09 Proceedings of the 2009 Fifth International Conference on Information Assurance and Security - Volume 02
Bitstream relocation with local clock domains for partially reconfigurable FPGAs
Proceedings of the Conference on Design, Automation and Test in Europe
MalCoBox: Designing a 10 Gb/s Malware Collection Honeypot Using Reconfigurable Technology
FPL '10 Proceedings of the 2010 International Conference on Field Programmable Logic and Applications
A Dynamically Reconfigured Network Platform for High-Speed Malware Collection
RECONFIG '10 Proceedings of the 2010 International Conference on Reconfigurable Computing and FPGAs
NetStage/DPR: a self-adaptable FPGA platform for application-level network security
ARC'11 Proceedings of the 7th international conference on Reconfigurable computing: architectures, tools and applications
Machine learning approach for IP-flow record anomaly detection
NETWORKING'11 Proceedings of the 10th international IFIP TC 6 conference on Networking - Volume Part I
| Hi-index | 0.00 |
Increasing transmission speeds in high-performance networks pose significant challenges to protecting the systems and networking infrastructure. Reconfigurable devices have already been used with great success to implement lower-levels of appropriate security measures (e.g., deep-packet inspection). We present a reconfigurable computing architecture supporting a broad spectrum of network security functionality in dedicated hardware. This includes application layer tasks (e.g., HTTP or SMTP processing) as well as the capability to autonomously adapt itself to varying traffic patterns using dynamic partial reconfiguration. The system is experimentally evaluated when implementing a honeynet-in-a-box to collect malware for potentially hundreds of thousands of emulated vulnerable hosts, as well as in a network-traffic anomaly detection role.