System-level security for network processors with hardware monitors

2014 51st ACM/EDAC/IEEE Design Automation Conference (DAC) Pub Date : 2014-06-01 DOI:10.1145/2593069.2593226

Kekai Hu, T. Wolf, Thiago Teixeira, R. Tessier

引用次数: 15

Abstract

New attacks are emerging that target the Internet infrastructure. Modern routers use programmable network processors that may be exploited by merely sending suitably crafted data packets into a network. Hardware monitors that are co-located with processor cores can detect attacks that change processor behavior with high probability. In this paper, we present a solution to the problem of secure, dynamic installation of hardware monitoring graphs on these devices. We also address the problem of how to overcome the homogeneity of a network with many identical devices, where a successful attack, albeit possible only with small probability, may have devastating effects.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

带硬件监视器的网络处理器的系统级安全性

针对互联网基础设施的新攻击正在出现。现代路由器使用可编程的网络处理器，这些处理器可以通过向网络发送适当制作的数据包来利用。与处理器核心共存的硬件监视器可以很有可能检测到改变处理器行为的攻击。在本文中，我们提出了在这些设备上安全、动态地安装硬件监控图的解决方案。我们还解决了如何克服具有许多相同设备的网络的同质性的问题，在这种情况下，成功的攻击，尽管只有很小的概率，可能会产生破坏性的影响。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2014 51st ACM/EDAC/IEEE Design Automation Conference (DAC)

自引率

0.00%

发文量

期刊最新文献

The EDA challenges in the dark silicon era CAP: Communication aware programming Advanced soft-error-rate (SER) estimation with striking-time and multi-cycle effects State-restrict MLC STT-RAM designs for high-reliable high-performance memory system OD3P: On-Demand Page Paired PCM