Presentation is loading. Please wait.

Presentation is loading. Please wait.

Application of NetFPGA in Network Security Hao Chen 2/25/2011.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Application of NetFPGA in Network Security Hao Chen 2/25/2011."— Presentation transcript:

1 Application of NetFPGA in Network Security Hao Chen 2/25/2011

2 Introduction to Shrew DDoS Attacks DDoS attacks : Distributed Denial of Service attacks Shrew DDoS Attacks: Low rate TCP targeted DDoS Attacks

3 Power Spectral Density (PSD) Based Analysis Performing PSD analysis is computing intensive Adopt hardware implementation ▫NetFPGA based shrew DDoS attack detector

4 A NetFPGA Board Network + FPGA (Field Programmable Gate Arrays) ▫Fits into standard PCI or PCI-X slot  Standard Bus: 32 bits, 33 MHz ▫Provides interfaces for processing network packets  4 Gigabit Ethernet Ports ▫Allows hardware-accelerated processing  Implemented with FPGA Logic

5 The Block Diagram of NetFPGA

6 A NetFPGA System

7 Our Rackmount NetFPGA Server

8 A NetFPGA Based Router

9 Architecture of Reference Router Five stages ▫Input ▫Input arbitration ▫Routing decision and packet modification ▫Output queuing ▫Output Packet-based module interface Pluggable design

10 Inter-Module Communication

11 Modifying Reference Router Pipeline

12 Power Spectral Density (PSD) Based Shrew DDoS Attack Detector

13 Overall Shrew DDoS Attack Detection Development Environment NetFGPA w Custom DDoS Shrew Traffic Generator NetFPGA Box 1 Producer NetFPGA Box 2 Reference Router w Shrew DDoS Detector NetFGPA w Custom DDoS Shrew Detector NetFPGA Box 3 Consumer NetFGPA w Reference NIC NetFPGA Reference Router Shrew Packet Counter IF AutocorrelationDFT Threshold Detector Shrew DDoS Attack Detected Debug Interface 1 msec TCP Count samples

14 Questions?

Download ppt "Application of NetFPGA in Network Security Hao Chen 2/25/2011."

Similar presentations

NetFPGA Project: 4-Port Layer 2/3 Switch Ankur Singla Gene Juknevicius

NetFPGA Project: 4-Port Layer 2/3 Switch Ankur Singla Gene Juknevicius
Berlin – November 10th, 2011 NetFPGA Programmable Networking for High-Speed Network Prototypes, Research and Teaching Presented by: Andrew W. Moore (University.

Berlin – November 10th, 2011 NetFPGA Programmable Networking for High-Speed Network Prototypes, Research and Teaching Presented by: Andrew W. Moore (University.
1 A TCAM-based solution for integrated traffic anomaly detection and policy filtering Author: Zhijun Wang, Hao Che, Jiannong Cao, Jingshan Wang Publisher:

1 A TCAM-based solution for integrated traffic anomaly detection and policy filtering Author: Zhijun Wang, Hao Che, Jiannong Cao, Jingshan Wang Publisher:
Garrett Drown Tianyi Xing Group #4 CSE548 – Advanced Computer Network Security.

Garrett Drown Tianyi Xing Group #4 CSE548 – Advanced Computer Network Security.
External perimeter of secure network public Internet SNMPdata transaction data control commands July 2003 Firewall Network Processor™: basic concept and.

External perimeter of secure network public Internet SNMPdata transaction data control commands July 2003 Firewall Network Processor™: basic concept and.
400 Gb/s Programmable Packet Parsing on a Single FPGA Authors : Michael Attig 、 Gordon Brebner Publisher: 2011 Seventh ACM/IEEE Symposium on Architectures.

400 Gb/s Programmable Packet Parsing on a Single FPGA Authors : Michael Attig 、 Gordon Brebner Publisher: 2011 Seventh ACM/IEEE Symposium on Architectures.
Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung(1203584897) SriramGopinath(1203800749)

Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) SriramGopinath( )
IO Controller Module Arbitrates IO from the CCP Physically separable from CCP –Can be used as independent data logger or used in future projects. Implemented.

IO Controller Module Arbitrates IO from the CCP Physically separable from CCP –Can be used as independent data logger or used in future projects. Implemented.
Photoshop Plug-ins with Reconfigurable Logic Implementing a Skeletonization algorithm on the VCC Hotworks Development System (Xilinx XC6200) Mark L. Chang.

Photoshop Plug-ins with Reconfigurable Logic Implementing a Skeletonization algorithm on the VCC Hotworks Development System (Xilinx XC6200) Mark L. Chang.
1 Network Packet Generator Characterization presentation Supervisor: Mony Orbach Presenting: Eugeney Ryzhyk, Igor Brevdo.

1 Network Packet Generator Characterization presentation Supervisor: Mony Orbach Presenting: Eugeney Ryzhyk, Igor Brevdo.
The Design of Improved Dynamic AES and Hardware Implementation Using FPGA 89321032 游精允.

The Design of Improved Dynamic AES and Hardware Implementation Using FPGA 游精允.
Students:Gilad Goldman Lior Kamran Supervisor:Mony Orbach Mid-Semester Presentation Spring 2005 Network Sniffer.

Students:Gilad Goldman Lior Kamran Supervisor:Mony Orbach Mid-Semester Presentation Spring 2005 Network Sniffer.
Final Presentation Momentum Measurement Card Project supervised by: Mony Orbach Project performed by: Hadas Preminger, Uri Niv.

Final Presentation Momentum Measurement Card Project supervised by: Mony Orbach Project performed by: Hadas Preminger, Uri Niv.
Router Architectures An overview of router architectures.

Router Architectures An overview of router architectures.
Design and Implementation of SIP-aware DDoS Attack Detection System.

Design and Implementation of SIP-aware DDoS Attack Detection System.
Field Programmable Gate Array (FPGA) Layout An FPGA consists of a large array of Configurable Logic Blocks (CLBs) - typically 1,000 to 8,000 CLBs per chip.

Field Programmable Gate Array (FPGA) Layout An FPGA consists of a large array of Configurable Logic Blocks (CLBs) - typically 1,000 to 8,000 CLBs per chip.
System Architecture A Reconfigurable and Programmable Gigabit Network Interface Card Jeff Shafer, Hyong-Youb Kim, Paul Willmann, Dr. Scott Rixner Rice.

System Architecture A Reconfigurable and Programmable Gigabit Network Interface Card Jeff Shafer, Hyong-Youb Kim, Paul Willmann, Dr. Scott Rixner Rice.
CS 838: NetFPGA Tutorial Theophilus Benson.

CS 838: NetFPGA Tutorial Theophilus Benson.
Router Architectures An overview of router architectures.

Router Architectures An overview of router architectures.
Department of Electrical and Computer Engineering Kekai Hu, Harikrishnan Chandrikakutty, Deepak Unnikrishnan, Tilman Wolf, and Russell Tessier Department.

Department of Electrical and Computer Engineering Kekai Hu, Harikrishnan Chandrikakutty, Deepak Unnikrishnan, Tilman Wolf, and Russell Tessier Department.

Similar presentations

Ads by Google