Fraunhofer-Gesellschaft

Publica

Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

MalCoBox: Designing a 10 Gb/s malware collection honeypot using reconfigurable technology

 
: Mühlbach, S.; Brunner, M.; Roblee, C.; Koch, A.

:

IEEE Computer Society:
International Conference on Field Programmable Logic and Applications, FPL 2010 : Aug. 31 2010-Sept. 2 2010, Milan, Italy
New York, NY: IEEE, 2010
ISBN: 978-1-4244-7842-2
ISBN: 978-0-7695-4179-2
pp.592-595
International Conference on Field Programmable Logic and Applications (FPL) <20, 2010, Milan>
English
Conference Paper
Fraunhofer SIT ()

Abstract
Honeypots present networked computer systems with known security flaws to attackers and can serve to collect the executable code (malware) aiming to exploit the vulnerability. We describe and evaluate the proof-of-concept NetStage Architecture for a high-speed honeypot realized in reconfigurable logic. Dedicated hardware accelerators for the different network processing and detection layers allow the honeypot to operate at full speed of a 10 Gb/s connection and project the illusion of thousands of vulnerable systems at once. Furthermore, compromising the honeypot itself is significantly more difficult than in software honeypots, since all processing is handled by specialized hardware blocks instead of general purpose processors.

: http://publica.fraunhofer.de/documents/N-151705.html