Research article, DOI: 10.1145/2396556.2396604

Malacoda: towards high-level compilation of network security applications on reconfigurable hardware

Published: 29 October 2012 Publication History

Abstract

While the use of reconfigurable computing for tasks such as packet header processing or deep packet inspection in high-speed networks has been widely studied, efforts to extend the technology to application-level processing have only recently been made. One issue that has prevented wider use of reconfigurable platforms in that context is the unfamiliar programming environment: such systems commonly require expertise in computer architecture and digital logic design generally foreign to networking experts. To make the technology more accessible to potential users, we present the high-level domain-specific language Malacoda for application-level network processing and an associated compiler that automatically translates Malacoda descriptions into high-performance hardware blocks for insertion into an FPGA-based processing platform. We evaluate our approach on the use case of a hardware-accelerated secure honeypot-in-a-box, programmed in Malacoda, and implemented on the NetFPGA 10G board. Results from a live test of the system connected to a 10G Internet uplink complete the evaluation.

    Published In

    ANCS '12: Proceedings of the eighth ACM/IEEE symposium on Architectures for networking and communications systems
    October 2012
    270 pages
    ISBN:9781450316859
    DOI:10.1145/2396556

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. 10G
    2. FPGA
    3. high-level languages
    4. honeypot
    5. networking

    Qualifiers

    • Research-article

    Conference

    ANCS '12

    Acceptance Rates

    Overall Acceptance Rate 88 of 314 submissions, 28%

    Cited By

    • (2020) Review on Hardware Solutions for Cybersecurity of Communication Systems. 2020 28th National Conference with International Participation (TELECOM), pages 129-132. DOI: 10.1109/TELECOM50385.2020.9299537. Online publication date: 29-Oct-2020
    • (2020) A Survey on FPGA Support for the Feasible Execution of Virtualized Network Functions. IEEE Communications Surveys & Tutorials, 22:1, pages 504-525. DOI: 10.1109/COMST.2019.2943690. Online publication date: Sep-2021
    • (2018) Challenges and Methodologies of Hardware Security. 2018 IEEE 32nd International Conference on Advanced Information Networking and Applications (AINA), pages 928-933. DOI: 10.1109/AINA.2018.00136. Online publication date: May-2018
    • (2017) A Survey and Taxonomy on Data and Pre-processing Techniques of Intrusion Detection Systems. Computer and Network Security Essentials, pages 113-134. DOI: 10.1007/978-3-319-58424-9_7. Online publication date: 13-Aug-2017
    • (2014) A Reconfigurable Platform and Programming Tools for High-Level Network Applications Demonstrated as a Hardware Honeypot. IEEE Journal on Selected Areas in Communications, 32:10, pages 1919-1932. DOI: 10.1109/JSAC.2014.2358838. Online publication date: Oct-2014
