Design of a secure packet processor

Chasaki, Danai; Wolf, Tilman

doi:10.1145/1872007.1872011

Cited by 18 publications

(12 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We show this vulnerability for two specific systems, a Click modular router [2] and a custom packet processor [3] based on the NetFPGA platform [4], as representatives for the broad class of routers with programmable packet processors. We also show that processor monitoring techniques developed in prior and related work [5] can help in identifying and mitigating these attacks.…”

Section: Introductionmentioning

confidence: 90%

Attacks on Network Infrastructure

Chasaki

Wolf

2011

2011 Proceedings of 20th International Conference on Computer Communications and Networks (ICCCN)

Self Cite

View full text Add to dashboard Cite

We present the first practical example of an entirely new class of network attacks -attacks that target the network infrastructure. Modern routers in computer networks use generalpurpose programmable packet processors. The software used for packet processing on these systems is potentially vulnerable to remote exploits. In this paper, we demonstrate a specific attack that can launch a devastating denial-of-service attack by sending just a single packet. We show that vulnerable packet processing code can be exploited on a Click modular router as well as on a custom packet processor on the NetFPGA platform. We also show that defense techniques based on processor monitoring that we have proposed in prior work can help in detecting and avoiding such attacks.

show abstract

Section: Introductionmentioning

confidence: 90%

Attacks on Network Infrastructure

Chasaki

Wolf

2011

2011 Proceedings of 20th International Conference on Computer Communications and Networks (ICCCN)

Self Cite

View full text Add to dashboard Cite

show abstract

“…A hardware monitor operates in parallel with a processor core and verifies that the core operates within certain constraints (e.g., not accessing certain memory locations, executing certain sequences of instructions, etc.). Hardware monitoring has been studied extensively for embedded systems [15]- [17] and has also been proposed for use in network processors [6]. In our recent work, we describe a high-performance implementation of such a hardware monitoring system that can meet the throughput demands of a network processor with a single processing core [18].…”

Section: Related Workmentioning

confidence: 99%

“…Additionally, network intrusion detection systems (e.g., snort [4] or Bro [5]) are often only positioned on the ingress side of campus networks and thus do not protect the Internet core. In response to this need, hardware monitors for network processor cores have been introduced to provide runtime execution protection [6]. A hardware monitor operates in concert with an embedded network processor core to assess runtime behavior.…”

Section: Introductionmentioning

confidence: 99%

Dynamic Hardware Monitors for Network Processor Protection

Chandrikakutty

Goodman

et al. 2016

IEEE Trans. Comput.

Self Cite

View full text Add to dashboard Cite

The importance of the Internet for society is increasing. To ensure a functional Internet, its routers need to operate correctly. However, the need for router flexibility has led to the use of softwareprogrammable network processors in routers, which exposes these systems to data plane attacks. Recently, hardware monitors have been introduced into network processors to verify the expected behavior of processor cores at run time. If instruction-level execution deviates from the expected sequence, an attack is identified, triggering processor core recovery efforts. In this manuscript, we describe a scalable network processor monitoring system that supports the reallocation of hardware monitors to processor cores in response to workload changes. The scalability of our monitoring architecture is demonstrated using theoretical models, simulation, and router system-level experiments implemented on an FPGA-based hardware platform. For a system with four processor cores and six monitors, the monitors result in a 6% logic and 38% memory bit overhead versus the processor's core logic and instruction storage. No slowdown of system throughput due to monitoring is reported.Index Terms-network security, network infrastructure, data plane attack, hardware monitor, multicore processor, FPGA 0018-9340 (c)

show abstract

“…• Hardware monitors: Monitoring with hardware monitors requires dedicated hardware logic to be co-located with each processor core. The hardware monitor tracks the operation of the processor and reports unusual events [20], [21]. Hardware monitors are often used in a security context, where malicious attacks need to be detected.…”

Section: ) Existing Detection Techniquesmentioning

confidence: 99%

External monitoring of highly parallel network processors

Chen

Chasaki

Wolf

2013

2013 IEEE 14th International Conference on High Performance Switching and Routing (HPSR)

Self Cite

View full text Add to dashboard Cite

Modern routers use high-performance multi-core packet processing systems to implement protocol operations and to forward traffic. As the diversity of protocols and the number of processor cores increases, it becomes increasingly difficult to manage these systems and ensure their correct operation at runtime. In particular, it is challenging to identify situations in which a part of processor cores behave incorrectly, either due to failure or due to malicious attacks. To address this problem, we present a novel approach to verifying correct operation of a packet processor by analyzing packet latency and throughput. This approach can treat the network processor as a "black box" and does not need to observe internal functionality. We show that processing time statistics are affected by system misbehavior and present an analytic model to quantify these effects. Our results show that the presented technique is an effective approach to provide an extra level of protection to packet processor systems. I. INTRODUCTIONComputer networks continue to increase in their size, diversity, and complexity. New protocols (e.g., IPv6 [1], etc.) and novel communication paradigms (e.g., content-addressable networks [2], etc.) need to be deployed for improved network operation and to support emerging applications. To meet these demands, the networking infrastructure components -specifically routers -need to be sufficiently adaptable. The use of programmable network processors in router systems allows for changes in packet processing functionality through software rather than requiring changes in hardware.To meet the performance requirements of modern networks, where link speeds exceed tens of Gigabits per second, network processor (NP) designs are based on highly parallel embedded multi-core architectures. These processor cores are powerful enough to perform packet processing operations independently, but they are not equipped to run a complex operating system. Typically, a control processor manages the processing tasks that are implemented on the multiple data path processor cores.Current network processors use dozens to hundreds of parallel cores (e.g., Cavium's Octeon III has 48 cores, AlcatelLucent's FP3 has 288 cores). One of the key operational challenges for such systems is workload management to meet targets for throughput performance, power consumption, etc. With the emergence of network virtualization [3], it is expected

show abstract

Design of a secure packet processor

Cited by 18 publications

References 22 publications

Attacks on Network Infrastructure

Attacks on Network Infrastructure

Dynamic Hardware Monitors for Network Processor Protection

External monitoring of highly parallel network processors

Contact Info

Product

Resources

About