FPGA-based indicator mining at line speed

Abstract

Many devices are currently connected to the internet. Some are well secured, while others lack security due to bugs or other vulnerabilities. A scanner searches for available services on the internet or on a computer host using standard network protocols, and an adversary uses a scanner to search for weaknesses in security. Scanners, however, encode their network traffic with a specific XOR pattern, also called the fingerprint of the scanner. Finding those patterns is very computation-intensive on classical hardware. This thesis aims to use a special FPGA, namely a DFE, to find the fingerprints at a higher speed of 10 GBits/s. Additionally, it aims to find the limits of this DFE in terms of computation power and speed. We created a performance model to determine the design requirements and used this data to choose the best algorithm for finding the fingerprints. The performance model showed that we would not reach the intended 10 GBits/s speed. Therefore, we chose the solution that would bring us as close as possible. The potential bandwidth we could reach is 2.4 GBits/s, approximately 12.7 times faster than an optimal high-end CPU implementation using a Ryzen Threadripper 3990X CPU.