hardware acceleration an essential part of cyber security
play

Hardware Acceleration: An Essential Part of Cyber Security in - PowerPoint PPT Presentation

Sep 03, 2022 •120 likes •652 views

Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks Ji Novotn Pavel eleda Radek Krej novotny@ics.muni.cz celeda@ics.muni.cz krejci@liberouter.org DeepSec In-Depth Security Conference 2010

  1. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks Jiří Novotný Pavel Čeleda Radek Krejčí novotny@ics.muni.cz celeda@ics.muni.cz krejci@liberouter.org DeepSec – In-Depth Security Conference 2010 – November 25, 2010, Vienna, Austria

  2. Part I Motivation Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 2 / 41

  3. World Is Changing Quickly Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 3 / 41

  4. World Is Changing Quickly Cyber security become to be very important . Income from cyber crime is higher than from drugs . Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 3 / 41

  5. World Is Changing Quickly Cyber security become to be very important . Income from cyber crime is higher than from drugs . SPAM, phishing, social engineering, stealing of confidential information and many others. Botnet business (e.g. Chuck Norris botnet). Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 3 / 41

  6. World Is Changing Quickly Cyber security become to be very important . Income from cyber crime is higher than from drugs . SPAM, phishing, social engineering, stealing of confidential information and many others. Botnet business (e.g. Chuck Norris botnet). DDoS attacks against Estonia and Georgia. Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 3 / 41

  7. World Is Changing Quickly Cyber security become to be very important . Income from cyber crime is higher than from drugs . SPAM, phishing, social engineering, stealing of confidential information and many others. Botnet business (e.g. Chuck Norris botnet). DDoS attacks against Estonia and Georgia. Internet is battlefield of today. Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 3 / 41

  8. How Well Do You Know Your Network? Do you know what is happening on your network? Are you sure that your network is secure ? Are you able to detect and prove network incidents? Or does your network looks like Pandora’s box? Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 4 / 41

  9. Network Monitoring in Time Originally Basic functionality Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 5 / 41

  10. Network Monitoring in Time Originally Then Incident handling Basic functionality Network forensics Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 5 / 41

  11. Network Monitoring in Time Originally Then Now Incident handling Intrusion detection Basic functionality Network forensics Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 5 / 41

  12. Present Computer Security Main Issues Huge amount of data passing through network. Huge amount of monitoring data. Software-only monitoring solutions are not fast enough . Many of security tools are too complex for configuration. Hardware appliances are not flexible enough . Data from network devices have no sufficient quality . Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 6 / 41

  13. Our Vision of the Network Security Monitoring System Security Operations Center - SOC 2 NetFlow Deep Packet Lawful Firewall ... Analysis Inspection Interception Rules CSIRT Access Access Network Network 10Gbps 10Gbps 1 1 Core HAMOC HAMOC Network Bad Guys Victims Users HAMOC 1 High-speed acceleration – COMBOv2 hardware accelerator. Flexibility – Server PC box with monitoring software. Security Operations Center. 2 Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 7 / 41

  14. Part II Hardware Accelerated Monitoring Center (HAMOC) Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 8 / 41

  15. HAMOC Goals Makes use of hardware acceleration more user-friendly . Set of third-party tools tunned to work with COMBOv2. Use-cases and best practices how to work with COMBOv2. Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 9 / 41

  16. HAMOC Hardware – COMBOv2 Family COMBOI-1G4 – 4x1 Gb/s COMBOI-10G2 – 2x10 Gb/s COMBOI-10G4TXT – 4x10 Gb/s Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 10 / 41

  17. RAM ... Interface 0 COMBOv2 TX HANIC FW ibuf obuf 10 Gb/s Interface 1 ibuf obuf 10 Gb/s with core Hash-based Packet Distribution 16KiB 16KiB 16KiB RX DMA 1 RX DMA 2 RX 16KiB Acceleration 8 Interface 2 DMA ibuf obuf COMBOv2 card SZE TX NETWORK RX TX Port0 sze0:0 16 KiB Interface 1 DMA BURST/SINGLE 16 KiB 16 KiB packet transfer 64 MiB 64 MiB RX DMA TX DMA 16 KiB DMA Firmware NetCOPE – SDK for the COMBO Hardware Accelerator RX TX PCI express RAM BUS Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 11 / 41

  18. COMBOv2 ibuf TX 8 DMA RX with HANIC FW ibuf obuf 10 Gb/s Interface 1 obuf Acceleration 10 Gb/s Interface 0 16KiB Hash-based Packet Distribution 16KiB 16KiB 16KiB RX DMA 1 RX core 16 KiB 2 Interface 2 DMA ibuf obuf COMBOv2 card SZE TX NETWORK RX TX Port0 sze0:0 16 KiB Interface 1 DMA BURST/SINGLE 16 KiB 16 KiB packet transfer 64 MiB 64 MiB RX DMA TX DMA DMA Firmware NetCOPE – SDK for the COMBO Hardware Accelerator RX TX PCI express RAM BUS Hardware Accelerated NIC (HANIC) Firmware RAM ... Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 11 / 41

  19. applications SZE Linux TCP/IP stack sze0:1 sze0:0 ceth0 ceth1 applications standard interface native ethernet RAM FPGA PCAP applications ceth0 libpcap ceth1 sze0:0 szedata2-cv2 szedata2 built in modules sze0:1 sze0:0 libpcap-sze libsze2 sze0:1 HANIC firmware COMBO card control modules: combov2, combo6core Software Architecture RX TX RX TX Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 12 / 41

  20. Remote Configuration HAMOC Box #1 Security Operations Center NETCONF Agent HAMOC NETCONF Manager Configuration Local Configuration Daemon Datastore SSH connection HAMOC Box #N NETCONF Agent HAMOC Configuration Local Configuration configuration data Daemon Datastore status information, notifications NETCONF Protocol Secured data transport over SSH ( Secure Shell ) version 2. XML data format. Event notifications capability. Separated configuration datastores: startup, running, candidate. Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 13 / 41

  21. Connection to Network HAMOC HAMOC pass 0 on 1 pass 2 on 1 pass 1 on 0 pass 3 on 0 Forward to SW Port 0 Port 1 Port 0 Port 1 TAP In-line Mode 10 Gb/s TAP Mode 10 Gb/s Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 14 / 41

  22. HAMOC – Test Results HANIC Single Port Throughput Results at 10 Gb/s Ethernet 12 120 Measured Throughput Measured CPU Load 10 100 Throughput [Gb/s] 8 80 CPU Load [%] 6 60 4 40 2 20 0 0 64 128 256 512 800 1024 1280 1518 Packet Length [B] Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 15 / 41

  23. HAMOC Summary Based on COMBOv2 hardware accelerators . Uses NetCOPE platform for rapid firmware development . Changing filtering rules without packet loss . Several API for applications (standard stack, PCAP , SZE2 ). Uses third party well known applications (e.g. Wireshark). Simple development of new applications. Remote configuration via NETCONF. Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 16 / 41

  24. Part III Use Cases – Deep Packet Inspection Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 17 / 41

  25. Nanosecond Timestamps – I Motivation COMBOv2 hardware supports nanosecond timestamps . COMBO-LXT RAM correction NTP server algorithm tsuctl (tik.cesnet.cz) Host CLK+PPS CPU Bridge C L PPS K NIC PCIe GPS receiver COMBOL-GPS BUS (GARMIN 18 LVC) Problem libpcap library supports microsecond timestamps only . Wireshark supports nanoseconds PCAP file format. Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 18 / 41

  26. Nanosecond Timestamps – II Solution sze2pcap tool – writes network traffic to wireshark nanosecond PCAP format with nanosecond precision . SZE sze0:0 RAM sze0:1 libsze2 Port 1 Port 0 timestamp timestamp libpcap-sze ss. nsec ss. usec tcpdump, tshark, wireshark sze2pcap TAP 10 Gb/s Ethernet Jiří Novotný et al. Hardware Acceleration: An Essential Part of Cyber Security in High-Speed Networks 19 / 41

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Summary Security: Applications & Aspects Part I Cryptographic Features Introduction

Summary Security: Applications & Aspects Part I Cryptographic Features Introduction

Summary Security: Applications & Aspects Part I Cryptographic Features Introduction Software vs Hardware Support Hardware Acceleration Solutions Processor Extensions for Security Basic Cyphering Part II Symmetric vs Asymmetric

1.14k views • 21 slides
Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three

Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three

Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three points of failure in any secure network: Technology (hardware and software) Technology Support (ITS) End Users (USD students and employees)

359 views • 23 slides
Hardware Acceleration for RAID5/6, Deduplication & Security for parallel workloads Vikas

Hardware Acceleration for RAID5/6, Deduplication & Security for parallel workloads Vikas

Hardware Acceleration for RAID5/6, Deduplication & Security for parallel workloads Vikas Aggarwal Storage Developer Conference Bangalore 2017 Team Members Venkatesh Bolla Achyutha Krishna Anil Reddy Responsibilities: Storage

792 views • 27 slides
CYBER SECURITY PART 1 Keeping you safe in an electronic age David Gibb, Cyber Protect

CYBER SECURITY PART 1 Keeping you safe in an electronic age David Gibb, Cyber Protect

CYBER SECURITY PART 1 Keeping you safe in an electronic age David Gibb, Cyber Protect Officer, Essex Police Barry Linton, Thorpe Bay U3A Thorpe Bay U3A Criminal insight - why commit cybercrime? Scale Nationally 1.6 million cyber

429 views • 25 slides
Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework Reporting Objectives Executive Summary Information Assess Current Cyber Security Posture Measure Progress Toward Improvement Assess

634 views • 5 slides
CYBERSECURITY IN IN LUXEMBOURG LEITMOTIV Leitmotiv Cyber security concerns any individual.

CYBERSECURITY IN IN LUXEMBOURG LEITMOTIV Leitmotiv Cyber security concerns any individual.

CYBERSECURITY IN IN LUXEMBOURG LEITMOTIV Leitmotiv Cyber security concerns any individual. For a country building its economic strengths on ICT, cyber security is an essential asset to its economic attractiveness . Cyber security creates

517 views • 17 slides
Security Testing Checking for what shouldnt happen Azqa Nadeem PhD Student @ Cyber Security

Security Testing Checking for what shouldnt happen Azqa Nadeem PhD Student @ Cyber Security

Security Testing Checking for what shouldnt happen Azqa Nadeem PhD Student @ Cyber Security Group The Cyber Security lecture series 1 Agenda for today Part I Latest security news Security vulnerabilities in Java

2.02k views • 185 slides
acceleration of security protocols Boris Pismenny (Mellanox) Declan Doherty (Intel) Hemant

acceleration of security protocols Boris Pismenny (Mellanox) Declan Doherty (Intel) Hemant

rte_security: enabling hardware acceleration of security protocols Boris Pismenny (Mellanox) Declan Doherty (Intel) Hemant Agrawal (NXP) DPDK Summit Userspace - Dublin- 2017 Agenda Introduction Acceleration enablement modes Inline

833 views • 37 slides
Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial

Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial

ABB MINING USER CONFERENCE, MAY 02-05, 2017 Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial Automation Division Agenda Why worry about cyber security? ABBs approach to cyber security Cyber security

1.07k views • 39 slides
Cyber-Physical Systems Security IECE 553/453 Fall 2019 Prof. Dola Saha 1 Security Threats

Cyber-Physical Systems Security IECE 553/453 Fall 2019 Prof. Dola Saha 1 Security Threats

Cyber-Physical Systems Security IECE 553/453 Fall 2019 Prof. Dola Saha 1 Security Threats in the IoT Cyber attack on the Ukrainian power grid Power outage caused by hackers Security in the IoT is essential, not just for information

1.21k views • 76 slides
Acceleration at the Edge for supporting SMEs Security: The FORTIKA Paradigm. H2020 FORTIKA

Acceleration at the Edge for supporting SMEs Security: The FORTIKA Paradigm. H2020 FORTIKA

Cyber Security Accelerator for trusted SMEs IT Ecosystems Acceleration at the Edge for supporting SMEs Security: The FORTIKA Paradigm. H2020 FORTIKA Presenter: Dr. Evangelos Markakis Technological Educational Institute of Crete Senior

504 views • 7 slides
Web Security Cyber Security Lab Spring '10 04/15/10 Cyber Security Lab 1 Outline Web

Web Security Cyber Security Lab Spring '10 04/15/10 Cyber Security Lab 1 Outline Web

Web Security Cyber Security Lab Spring '10 04/15/10 Cyber Security Lab 1 Outline Web application weaknesses XSS AJAX weaknesses SQL Injection Attacks (Slides from Lars Olson)

588 views • 41 slides
Hardware Acceleration of Cryptography Patrick Schaumont Professor Bradley Department of ECE

Hardware Acceleration of Cryptography Patrick Schaumont Professor Bradley Department of ECE

Hardware Acceleration of Cryptography Patrick Schaumont Professor Bradley Department of ECE Virginia Tech Patrick Schaumont (VT) Outline 1. Fundamentals of Parallelism 2. Embedded Architecture of MSP430, MSP432 3. Hardware Acceleration

1.38k views • 100 slides
Understanding Hardware Acceleration on Mobile Browsers Ariya Hidayat Magical Advice Use

Understanding Hardware Acceleration on Mobile Browsers Ariya Hidayat Magical Advice Use

Understanding Hardware Acceleration on Mobile Browsers Ariya Hidayat Magical Advice Use translate3d for hardware acceleration Challenges Game vs Web Game Text Textured objects Animation Physics Transformation Large but Still Bounded

715 views • 71 slides
acceleration Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada NSS acceleration

acceleration Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada NSS acceleration

IPQ806x Hardware acceleration Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada NSS acceleration model Features Designed for Home Gateways (CPE) Flow detection based All -or- nothing offload Acceleration

248 views • 8 slides
Part 0: Git-ing Started Part 1: Essential Skills Part 2: Introduction to Git Part 3: Advanced

Part 0: Git-ing Started Part 1: Essential Skills Part 2: Introduction to Git Part 3: Advanced

Part 0: Git-ing Started Part 1: Essential Skills Part 2: Introduction to Git Part 3: Advanced Features Part 4: Shells Comic Credit: Randall Munroe, xkcd.com Lab 3: Version Control Part 0: Git-ing Started Part 1: Essential Skills Part 2:

513 views • 37 slides
Understanding the Security of Traffic Signal Infrastructure Zhenyu Ning , Fengwei Zhang, and

Understanding the Security of Traffic Signal Infrastructure Zhenyu Ning , Fengwei Zhang, and

Understanding the Security of Traffic Signal Infrastructure Zhenyu Ning , Fengwei Zhang, and Stephen Remias COMPASS Lab Wayne State University DIMVA, June 19, 2019 Understanding the Security of Traffic Signal Infrastructure, DIMVA 19 1

952 views • 53 slides
SCADA Hacking Clear and Present Danger ITAC 2014 02 Oct 2014 Presen sented ed b by:

SCADA Hacking Clear and Present Danger ITAC 2014 02 Oct 2014 Presen sented ed b by:

SCADA Hacking Clear and Present Danger ITAC 2014 02 Oct 2014 Presen sented ed b by: Francis Brown Bishop Fox, LLC www.bishopfox.com Agenda O V E R V I E W Introd oduction on/B /Bac ackgr grou ound Target eting ng S

892 views • 64 slides
Nikhil Mittal (SamratAshok) } SamratAshok } Twitter - @nikhil_mitt } I am interested in

Nikhil Mittal (SamratAshok) } SamratAshok } Twitter - @nikhil_mitt } I am interested in

Nikhil Mittal (SamratAshok) } SamratAshok } Twitter - @nikhil_mitt } I am interested in Offensive Information Security, new attack vectors and methodologies to pwn systems. } Previous Talks Compromising a highly secure environment

505 views • 48 slides
Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson

Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson

Introduction to Network Security Security Chapter 11 Remote Access Security Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Remote Access Telnet Rlogin X-Windows X-Windows FTP General

765 views • 52 slides
The Security State of Open Source PHP Applications Dr. Johannes Dahse, RIPS Technologies GmbH

The Security State of Open Source PHP Applications Dr. Johannes Dahse, RIPS Technologies GmbH

The Security State of Open Source PHP Applications Dr. Johannes Dahse, RIPS Technologies GmbH Introduction About Johannes Dahse Master IT Security at RUB, Germany (2006 - 2012) Capture The Flag (CTF) Contests Security Consultant

673 views • 64 slides
Extending a Legacy Platform Providing a Minimalistic, Secure Single-Sign-On-Library 20/11/2015

Extending a Legacy Platform Providing a Minimalistic, Secure Single-Sign-On-Library 20/11/2015

Extending a Legacy Platform Providing a Minimalistic, Secure Single-Sign-On-Library 20/11/2015 Gschlberger/Gttfert 1 Introduction Research Studios Austria FG MicroLearning and Information Environments Bernhard Gschlberger

488 views • 19 slides
The Opportunity in Front of Us Marc Rowan Co-Founder and Senior Managing Director September

The Opportunity in Front of Us Marc Rowan Co-Founder and Senior Managing Director September

Strictly Confidential The Opportunity in Front of Us Marc Rowan Co-Founder and Senior Managing Director September 12, 2011 It should not be assumed that investments made in the future will be profitable or will equal the performance of the

447 views • 25 slides
Verizon Transactions Conference Call Lowell McAdam Chairman and CEO Fran Shammo Chief

Verizon Transactions Conference Call Lowell McAdam Chairman and CEO Fran Shammo Chief

VlpHU09DSUQyMDE0UTM Verizon Transactions Conference Call Lowell McAdam Chairman and CEO Fran Shammo Chief Financial Officer February 5, 2015 VlpHU09DSUQyMDE0UTM= Safe Harbor Statement NOTE: In this presentation we have made

397 views • 10 slides

More recommend