The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Distributed Denial of Service (DDoS) is a widely employed attacking scheme over network that interrupts services by creating network congestion, draining server resources, or disabling normal functions of network components. An attacker launches the DDoS attack from a large number of compromised while geographically distributed devices by sending low rate seemly legitimate traffic that disturbs server's...
Since the demand for more bandwidth, agile infrastructures and services grows, it becomes challenging for Service Providers like GEANT to manage the proprietary underlay, while keeping costs low. In such a scenario, Software Defined Networking (SDN), open hardware and open source software prove to be key components to address those challenges. After one year of development, SDX-L2 and BoD, the SDN-ization...
Threats within the network are a security risk with which you deal daily. Due to this, the use of more complex means of security than the Firewall should be considered to perform the analysis of the traffic behavior of the network by means of devices of next generation such as Systems of Detection and Prevention of Intrusions (IDPS). This article presents a comparison of commercial systems and open...
The Department of Homeland Security Cyber Security Division (CSD) chose Moving Target Defense as one of the fourteen primary Technical Topic Areas pertinent to securing federal networks and the larger Internet. Moving Target Defense over IPv6 (MT6D) employs an obscuration technique offering keyed access to hosts at a network level without altering existing network infrastructure. This is accomplished...
Packet forwarding in Software-Defined Networks (SDN) relies on a centralised network controller which enforces network policies expressed as forwarding rules. Rules are deployed as sets of entries into network device tables. With heterogeneous devices, deployment is strongly bounded by the respective table constraints (size, lookup time, etc.) and forwarding pipelines. Hence, minimising the overall...
In the field of underwater acoustic communication, because of the signal transmission distance is shorter, generally uses the copper cable transmission. When the signal is needed to be transmitted in a long distance, its anti interference and attenuation will seriously affect the reliability of the transmission. Optical fiber transmits in higher speed and stronger antijamming. Its application is more...
Semiconductor design houses are increasingly becoming dependent on third party vendors to procure intellectual property (IP) and meet time-to-market constraints. However, these third party IPs cannot be trusted as hardware Trojans can be maliciously inserted into them by untrusted vendors. While different approaches have been proposed to detect Trojans in third party IPs, their limitations have not...
Intellectual Property (IP) illegal copying is a major threat in today's integrated circuits industry which is massively based on a design-and-reuse paradigm. In order to fight this threat, a designer must track how many times an IP has been instantiated. Moreover, illegal copies of an IP must be unusable. We propose a hardware/software scheme which allows a designer to remotely activate an IP with...
Accelerator-in-Switch (AiS) is a framework for building an accelerator logic tightly coupled with a switching hub in a single FPGA for high performance computation with heterogeneous environment with CPUs and GPUs. AiS is implemented on a partial reconfigurable region of an FPGA whose permanent region is used for a switching hub. A port of the switching hub is connected to the registers and local...
We present a framework for creating heterogeneous virtualized network function (VNF) service chains from cloud data center resources. Traditionally, these functions are packaged in software images within a catalog of networking applications that can be loaded onto a virtual machine CPU, and can be offered to users as a service. Our framework combines the best of both software and hardware by allowing...
This paper explores the use of hardware sand-boxes, conceptually similar to software sandboxes, for secure integration of non-trusted IPs in systems-on-chip (SoC) designs. The goal of the hardware sandbox is to only allow permissible interactions between the IP and the rest of the system. The hardware sandbox design achieves this by exposing the IP interface to isolated virtual resources and checking...
Open source hardware projects are becoming more and more common. OpenRISC SOC, one of the prominent of these projects, has become quite popular with the support of volunteer developers. In this work, we have demonstrated the design of an DES (Data Encryption Standard) based system, that can be used in security applications, on ORPSoC-v2 (Openrisc Reference Platform System-on-Chip). Additionally, we...
As the complexity of System-on-Chip (SoC) and the reuse of third party IP continues to grow, the security of a heterogeneous SoC has become a critical issue. In order to increase the software security of such SoC, the TrustZone technology has been proposed by ARM to enforce software security. Nevertheless, many SoC embed non-trusted third party Intellectual Property (IP) trying to take the benefits...
Modern ASIC and FPGA based embedded products use model based design, in which both hardware and software are developed in parallel. Previously HW was completed first and the information handed over to SW team, typically in the form of register tables. The information was even manually copied to SW code, making any changes error-prone and laborious. IP-XACT is the most feasible standard to model HW...
Electronic Design Automation (EDA) industry heavily reuses third party IP cores which are vulnerable to insertion of Hardware Trojans (HTs) at design time by third party IP core providers. State of the art research has shown that existing HT detection techniques, which claim to detect all publicly available HT benchmarks, can still be defeated by carefully designing new sophisticated HTs. The reason...
This paper presents a fully configurable and programmable coprocessor IP core to efficiently compute Artificial Neural Networks (ANNs) in heterogeneous System-on-Chips (SoC). There is an increasing interest in moving applications involving streamed data such as those arising in machine-learning systems (machine-vision, speech-recognition, etc.) to highly-integrated low-power embedded devices. In this...
A massive threat to the modern and complex IC production chain is the use of untrusted off-shore foundries which are able to infringe valuable hardware design IP or to inject hardware Trojans causing severe loss of safety and security. Similarly, market dominating SRAM-based FPGAs are vulnerable to both attacks since the crucial gate-level netlist can be retrieved even in field for the majority of...
With the growing speed of computer networks, we need to test our solutions, network conditions, and topologies using high-speed traffic generators. The main contribution of this paper is 1) the theoretical proposal of a pseudo-random number generator (PRNG) algorithm that is usable for hardware-accelerated IP traffic generators and 2) the practical proposal of a novel design and implementation of...
The balance of searching time and storage space is a problem in routing lookup. The algorithm has solved it to some extent. It is based on IPv6 prefix distribution and adopts different approaches to divide and compress different prefixes. The prefixes that can be divided exactly are concentrated compression. Other prefixes that can't be divided exactly are handled with multi-branch tree method. According...
The paper presents a conceptual design of an IP module of mathematical coprocessor. It consists of a set of processing cores of the same kind which perform single-cycle scalar, or vector operations with real numbers. The processed data is represented in the modular logarithmic format that provides two levels of translating the original numbers, namely: the modular level instead of the conventional...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.