Application of netfpga in network security
This presentation is the property of its rightful owner.
Sponsored Links
1 / 14

Application of NetFPGA in Network Security PowerPoint PPT Presentation


  • 135 Views
  • Uploaded on
  • Presentation posted in: General

Application of NetFPGA in Network Security. Hao Chen 2/25/2011. Introduction to Shrew DDoS Attacks. DDoS attacks : Distributed Denial of Service attacks Shrew DDoS Attacks: Low rate TCP targeted DDoS Attacks. Power Spectral Density (PSD) Based Analysis.

Download Presentation

Application of NetFPGA in Network Security

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Application of netfpga in network security

Application of NetFPGA in Network Security

Hao Chen

2/25/2011


Introduction to shrew ddos attacks

Introduction to Shrew DDoS Attacks

  • DDoSattacks : Distributed Denial of Service attacks

  • Shrew DDoSAttacks: Low rate TCP targeted DDoS Attacks


Power spectral density psd based analysis

Power Spectral Density (PSD) Based Analysis

  • Performing PSD analysis is computing intensive

  • Adopt hardware implementation

    • NetFPGA based shrew DDoS attack detector


A netfpga board

A NetFPGA Board

  • Network + FPGA (Field Programmable Gate Arrays)

  • Fits into standard PCI or PCI-Xslot

    • Standard Bus: 32 bits, 33 MHz

  • Provides interfaces for processing network packets

    • 4 Gigabit Ethernet Ports

  • Allows hardware-accelerated processing

    • Implemented with FPGA Logic


The block diagram of netfpga

The Block Diagram of NetFPGA


A netfpga system

A NetFPGA System

Networking Software Running on a standard PC

A hardware accelerator built with FPGA

driving Gigabit network links


Our rackmount netfpga server

Our RackmountNetFPGA Server


A netfpga based router

A NetFPGA Based Router


Architecture of reference router

Architecture of Reference Router

  • Five stages

    • Input

    • Input arbitration

    • Routing decision and

      packet modification

    • Output queuing

    • Output

  • Packet-based module

    interface

  • Pluggable design


Inter module communication

Inter-Module Communication


Modifying reference router pipeline

Modifying Reference Router Pipeline


Modifying reference router pipeline1

Modifying Reference Router Pipeline

Power Spectral Density (PSD) Based Shrew DDoS Attack Detector


Overall shrew ddos attack detection development environment

Overall Shrew DDoS Attack Detection Development Environment

NetFPGA Box 2

Reference Router w

Shrew DDoS Detector

NetFPGA Box 1

Producer

NetFPGA Box 3

Consumer

NetFGPA w

Reference NIC

NetFGPA w

Custom DDoS Shrew

Traffic Generator

NetFGPA w

Custom DDoS Shrew

Detector

NetFPGA Reference Router

1 msec TCP Count samples

Shrew DDoS

Attack Detected

Shrew Packet Counter IF

Debug Interface

Autocorrelation

DFT

Threshold Detector


Questions

Questions?


  • Login