Presentation is loading. Please wait.

Presentation is loading. Please wait.

Application of NetFPGA in Network Security Hao Chen 2/25/2011.

Similar presentations


Presentation on theme: "Application of NetFPGA in Network Security Hao Chen 2/25/2011."— Presentation transcript:

1 Application of NetFPGA in Network Security Hao Chen 2/25/2011

2 Introduction to Shrew DDoS Attacks DDoS attacks : Distributed Denial of Service attacks Shrew DDoS Attacks: Low rate TCP targeted DDoS Attacks

3 Power Spectral Density (PSD) Based Analysis Performing PSD analysis is computing intensive Adopt hardware implementation ▫NetFPGA based shrew DDoS attack detector

4 A NetFPGA Board Network + FPGA (Field Programmable Gate Arrays) ▫Fits into standard PCI or PCI-X slot  Standard Bus: 32 bits, 33 MHz ▫Provides interfaces for processing network packets  4 Gigabit Ethernet Ports ▫Allows hardware-accelerated processing  Implemented with FPGA Logic

5 The Block Diagram of NetFPGA

6 A NetFPGA System

7 Our Rackmount NetFPGA Server

8 A NetFPGA Based Router

9 Architecture of Reference Router Five stages ▫Input ▫Input arbitration ▫Routing decision and packet modification ▫Output queuing ▫Output Packet-based module interface Pluggable design

10 Inter-Module Communication

11 Modifying Reference Router Pipeline

12 Power Spectral Density (PSD) Based Shrew DDoS Attack Detector

13 Overall Shrew DDoS Attack Detection Development Environment NetFGPA w Custom DDoS Shrew Traffic Generator NetFPGA Box 1 Producer NetFPGA Box 2 Reference Router w Shrew DDoS Detector NetFGPA w Custom DDoS Shrew Detector NetFPGA Box 3 Consumer NetFGPA w Reference NIC NetFPGA Reference Router Shrew Packet Counter IF AutocorrelationDFT Threshold Detector Shrew DDoS Attack Detected Debug Interface 1 msec TCP Count samples

14 Questions?


Download ppt "Application of NetFPGA in Network Security Hao Chen 2/25/2011."

Similar presentations


Ads by Google