System-level security for network processors with hardware monitors

Kekai Hu, Tilman Wolf, Thiago Teixeira, Russell Tessier
2014 2014 51st ACM/EDAC/IEEE Design Automation Conference (DAC)  
New attacks are emerging that target the Internet infrastructure. Modern routers use programmable network processors that may be exploited by merely sending suitably crafted data packets into a network. Hardware monitors that are co-located with processor cores can detect attacks that change processor behavior with high probability. In this paper, we present a solution to the problem of secure, dynamic installation of hardware monitoring graphs on these devices. We also address the problem of
more » ... w to overcome the homogeneity of a network with many identical devices, where a successful attack, albeit possible only with small probability, may have devastating effects.
doi:10.1109/dac.2014.6881538 fatcat:ortoqu7hgbgwxdphc7w2douwb4