MalCoBox: Designing a 10 Gb/s Malware Collection Honeypot Using Reconfigurable Technology
Honeypots present networked computer systemswith known security flaws to attackers and can serve tocollect the executable code (malware) aiming to exploit thevulnerability. We describe and evaluate the proof-of-conceptNetStage Architecture for a high-speed honeypot realized inreconfigurable logic. Dedicated hardware accelerators for thedifferent network processing and detection layers allow thehoneypot to operate at full speed of a 10 Gb/s connection andproject the illusion of thousands of vulnerable systems at once.Furthermore, compromising the honeypot itself is significantlymore difficult than in software honeypots, since all processingis handled by specialized hardware blocks instead of generalpurpose processors.
MalCoBox: Designing a 10 Gb/s Malware Collection Honeypot Using Reconfigurable Technology
Field Programmable Logic and Applications (FPL), 2010 International Conference on
| Authors: | Sascha Muehlbach, Martin Brunner, Christopher Roblee, and Andreas Koch |
| Year/month: | 2010/8 |
| Booktitle: | Field Programmable Logic and Applications (FPL), 2010 International Conference on |
| Pages: | 592 -595 |
| Address: | Milan, Italy |
| Publisher: | IEEE Computer Society |
| Fulltext: | click here |
Abstract |
|
| Honeypots present networked computer systemswith known security flaws to attackers and can serve tocollect the executable code (malware) aiming to exploit thevulnerability. We describe and evaluate the proof-of-conceptNetStage Architecture for a high-speed honeypot realized inreconfigurable logic. Dedicated hardware accelerators for thedifferent network processing and detection layers allow thehoneypot to operate at full speed of a 10 Gb/s connection andproject the illusion of thousands of vulnerable systems at once.Furthermore, compromising the honeypot itself is significantlymore difficult than in software honeypots, since all processingis handled by specialized hardware blocks instead of generalpurpose processors. | |
Bibtex:
@inproceedings { Muehlbach2010,author = { Sascha Muehlbach and Martin Brunner and Christopher Roblee and Andreas Koch},
title = { MalCoBox: Designing a 10 Gb/s Malware Collection Honeypot Using Reconfigurable Technology },
year = { 2010 },
month = { August },
booktitle = { Field Programmable Logic and Applications (FPL), 2010 International Conference on },
address = { Milan, Italy },
pages = { 592 -595 },
publisher = { IEEE Computer Society },
url = { http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5694317&isnumber=5694025 },
}