A Dynamically Reconfigured Multi-FPGA Network Platform for High-Speed Malware Collection
Malicious software has become a major threat to computer users on the Internet today. Security researchers need to gather and analyze large sample sets to develop effective countermeasures. The setting of honeypots, which emulate vulnerable applications, is one method to collect attack code. We have...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Wiley
2012-01-01
|
| Series: | International Journal of Reconfigurable Computing |
| Online Access: | http://dx.doi.org/10.1155/2012/342625 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832566978285404160 |
|---|---|
| author | Sascha Mühlbach Andreas Koch |
| author_facet | Sascha Mühlbach Andreas Koch |
| author_sort | Sascha Mühlbach |
| collection | DOAJ |
| description | Malicious software has become a major threat to
computer users on the Internet today. Security researchers
need to gather and analyze large sample sets to develop
effective countermeasures. The setting of honeypots, which
emulate vulnerable applications, is one method to collect attack
code. We have proposed a dedicated hardware architecture
for honeypots which allows both high-speed operation at 10 Gb/s and beyond and offers a high resilience against
attacks on the honeypot infrastructure itself. In this work, we
refine the base NetStage architecture for better management
and scalability. Using dynamic partial reconfiguration, we can
now update the functionality of the honeypot during operation.
To allow the operation of a larger number of vulnerability
emulation handlers, the initial single-device architecture is extended
to scalable multichip systems. We describe the technical
aspects of these modifications and show results evaluating
an implementation on a current quad-FPGA reconfigurable
computing platform. |
| format | Article |
| id | doaj-art-a6ee1a9d812742489dedd6a758176232 |
| institution | Kabale University |
| issn | 1687-7195 1687-7209 |
| language | English |
| publishDate | 2012-01-01 |
| publisher | Wiley |
| record_format | Article |
| series | International Journal of Reconfigurable Computing |
| spelling | doaj-art-a6ee1a9d812742489dedd6a7581762322025-02-03T01:02:40ZengWileyInternational Journal of Reconfigurable Computing1687-71951687-72092012-01-01201210.1155/2012/342625342625A Dynamically Reconfigured Multi-FPGA Network Platform for High-Speed Malware CollectionSascha Mühlbach0Andreas Koch1Secure Things Group, Center for Advanced Security Research Darmstadt, Mornewegstr. 32, 64293 Darmstadt, GermanyDepartment of Computer Science, Embedded Systems and Applications Group, Technische Universität Darmstadt, Hochschulstr. 10, 64289 Darmstadt, GermanyMalicious software has become a major threat to computer users on the Internet today. Security researchers need to gather and analyze large sample sets to develop effective countermeasures. The setting of honeypots, which emulate vulnerable applications, is one method to collect attack code. We have proposed a dedicated hardware architecture for honeypots which allows both high-speed operation at 10 Gb/s and beyond and offers a high resilience against attacks on the honeypot infrastructure itself. In this work, we refine the base NetStage architecture for better management and scalability. Using dynamic partial reconfiguration, we can now update the functionality of the honeypot during operation. To allow the operation of a larger number of vulnerability emulation handlers, the initial single-device architecture is extended to scalable multichip systems. We describe the technical aspects of these modifications and show results evaluating an implementation on a current quad-FPGA reconfigurable computing platform.http://dx.doi.org/10.1155/2012/342625 |
| spellingShingle | Sascha Mühlbach Andreas Koch A Dynamically Reconfigured Multi-FPGA Network Platform for High-Speed Malware Collection International Journal of Reconfigurable Computing |
| title | A Dynamically Reconfigured Multi-FPGA Network Platform for High-Speed Malware Collection |
| title_full | A Dynamically Reconfigured Multi-FPGA Network Platform for High-Speed Malware Collection |
| title_fullStr | A Dynamically Reconfigured Multi-FPGA Network Platform for High-Speed Malware Collection |
| title_full_unstemmed | A Dynamically Reconfigured Multi-FPGA Network Platform for High-Speed Malware Collection |
| title_short | A Dynamically Reconfigured Multi-FPGA Network Platform for High-Speed Malware Collection |
| title_sort | dynamically reconfigured multi fpga network platform for high speed malware collection |
| url | http://dx.doi.org/10.1155/2012/342625 |
| work_keys_str_mv | AT saschamuhlbach adynamicallyreconfiguredmultifpganetworkplatformforhighspeedmalwarecollection AT andreaskoch adynamicallyreconfiguredmultifpganetworkplatformforhighspeedmalwarecollection AT saschamuhlbach dynamicallyreconfiguredmultifpganetworkplatformforhighspeedmalwarecollection AT andreaskoch dynamicallyreconfiguredmultifpganetworkplatformforhighspeedmalwarecollection |