Title :
MalCoBox: Designing a 10 Gb/s Malware Collection Honeypot Using Reconfigurable Technology
Author :
Mühlbach, Sascha ; Brunner, Martin ; Roblee, Christopher ; Koch, Andreas
Author_Institution :
Secure Things Group, Center for Adv. Security Res. Darmstadt (CASED), Darmstadt, Germany
fDate :
Aug. 31 2010-Sept. 2 2010
Abstract :
Honeypots present networked computer systems with known security flaws to attackers and can serve to collect the executable code (malware) aiming to exploit the vulnerability. We describe and evaluate the proof-of-concept NetStage Architecture for a high-speed honeypot realized in reconfigurable logic. Dedicated hardware accelerators for the different network processing and detection layers allow the honeypot to operate at full speed of a 10 Gb/s connection and project the illusion of thousands of vulnerable systems at once. Furthermore, compromising the honeypot itself is significantly more difficult than in software honeypots, since all processing is handled by specialized hardware blocks instead of general purpose processors.
Keywords :
computer network security; formal logic; invasive software; reconfigurable architectures; Honeypot; MalCoBox; NetStage architecture; hardware accelerator; malware collection; networked computer system; reconfigurable logic; reconfigurable technology; security flaws;
Conference_Titel :
Field Programmable Logic and Applications (FPL), 2010 International Conference on
Conference_Location :
Milano
Print_ISBN :
978-1-4244-7842-2
DOI :
10.1109/FPL.2010.116
