Malicious software has become a major threat to computer users on the Internet today. Security researchers need to gather and\r\nanalyze large sample sets to develop effective countermeasures. The setting of honeypots, which emulate vulnerable applications,\r\nis one method to collect attack code. We have proposed a dedicated hardware architecture for honeypots which allows both highspeed\r\noperation at 10 Gb/s and beyond and offers a high resilience against attacks on the honeypot infrastructure itself. In this\r\nwork, we refine the base NetStage architecture for better management and scalability. Using dynamic partial reconfiguration, we\r\ncan now update the functionality of the honeypot during operation. To allow the operation of a larger number of vulnerability\r\nemulation handlers, the initial single-device architecture is extended to scalable multichip systems. We describe the technical\r\naspects of these modifications and show results evaluating an implementation on a current quad-FPGA reconfigurable computing\r\nplatform.
Loading....