NetStage/DPR: A self-reconfiguring platform for active and passive network security operations

Increasing transmission speeds in high-performance networks pose significant challenges to protecting the systems and networking infrastructure. Reconfigurable devices have already been used with great success to implement lower-levels of appropriate security measures (e.g., deep-packet inspection). We present a reconfigurable computing architecture supporting a broad spectrum of network security functionality in dedicated hardware. This includes application layer tasks (e.g., HTTP or SMTP processing) as well as the capability to autonomously adapt itself to varying traffic patterns using dynamic partial reconfiguration. The system is experimentally evaluated when implementing a honeynet-in-a-box to collect malware for potentially hundreds of thousands of emulated vulnerable hosts, as well as in a network-traffic anomaly detection role.