Mühlbach, Sascha ; Brunner, Martin ; Roblee, Christopher ; Koch, Andreas (2010)
MalCoBox: Designing a 10 Gb/s Malware Collection Honeypot using Reconfigurable Technology.
Conference or Workshop Item, Bibliographie
Abstract
Honeypots present networked computer systems with known security flaws to attackers and can serve to collect the executable code (malware) aiming to exploit the vulnerability. We describe and evaluate the proof-of-concept NetStage Architecture for a high-speed honeypot realized in reconfigurable logic. Dedicated hardware accelerators for the different network processing and detection layers allow the honeypot to operate at full speed of a 10 Gb/s connection and project the illusion of thousands of vulnerable systems at once. Furthermore, compromising the honeypot itself is significantly more difficult than in software honeypots, since all processing is handled by specialized hardware blocks instead of general purpose processors.
Item Type: | Conference or Workshop Item |
---|---|
Erschienen: | 2010 |
Creators: | Mühlbach, Sascha ; Brunner, Martin ; Roblee, Christopher ; Koch, Andreas |
Type of entry: | Bibliographie |
Title: | MalCoBox: Designing a 10 Gb/s Malware Collection Honeypot using Reconfigurable Technology |
Language: | German |
Date: | September 2010 |
Book Title: | 20th International Conference on Field Programmable Logic and Applications (FPL 2010) |
Abstract: | Honeypots present networked computer systems with known security flaws to attackers and can serve to collect the executable code (malware) aiming to exploit the vulnerability. We describe and evaluate the proof-of-concept NetStage Architecture for a high-speed honeypot realized in reconfigurable logic. Dedicated hardware accelerators for the different network processing and detection layers allow the honeypot to operate at full speed of a 10 Gb/s connection and project the illusion of thousands of vulnerable systems at once. Furthermore, compromising the honeypot itself is significantly more difficult than in software honeypots, since all processing is handled by specialized hardware blocks instead of general purpose processors. |
Uncontrolled Keywords: | Secure Things |
Identification Number: | TUD-CS-2010-0236 |
Divisions: | LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt LOEWE > LOEWE-Zentren LOEWE |
Date Deposited: | 30 Dec 2016 20:23 |
Last Modified: | 17 May 2018 13:02 |
PPN: | |
Export: | |
Suche nach Titel in: | TUfind oder in Google |
Send an inquiry |
Options (only for editors)
Show editorial Details |