|
Towards Accelerating Intrusion Detection 6 y6 G2 R" E6 [/ w
Operations at the Edge Network using FPGAs
3 q% I s. k( S' O7 B1 G$ a' G" g& c, v4 d* s
* W$ w4 c* I# T! I6 O0 z. ^9 t7 ~0 S2 [2 n2 Y/ y; h# e; \! G. k6 T
In the current paper, we present our work towards 8 M' {* M9 R e; I, M6 N3 e
accelerating intrusion detection operations at the edge network : C" c" h7 l, W9 F
using FPGAs. Cloud computing and network function ) \; ]& I: u d6 Y! O
virtualization have led to a new appealing paradigm for service + s ~/ z7 v; |# ^( F6 T
delivery and management. Unfortunately, this paradigm fails 4 {( @3 z; T0 x5 f7 O% D
to correctly support IoT applications and services that seek ' l. O8 `+ S6 T; Z2 O8 n
better communication platforms. Security as a Service can also ! B( k2 ]' ]- p- S
be seen as a cloud-based model that needs to be accommodated ( {6 w8 _1 e; P9 A) d( Y8 q2 b
to fulfill these services requirements. Again, one of the main
: P5 q# }) Y7 Qissues to be addressed in this context is how to improve the ' a( U% ?! Y( T* O9 z
performance of such systems or services in order to make them
4 @7 ]9 ?& v) j! @9 h! O0 Acapable of coping with the huge amount of data while
( t9 e$ C$ |( \remaining reliable. A potential solution is the FPGA based
2 @6 B1 H6 K% Q5 I7 h5 cedge computing, which is a powerful combination offering
0 F$ O1 B1 E8 WFPGA acceleration capabilities together with edge and fog 7 E- V5 y* t+ k$ X4 H6 _2 m9 q4 l
benefits. Indeed, our work focusses on devising an Intrusion 1 H8 O. z V5 s1 d& m% h" S& ^
Prevention architecture called FORTISEC (40SEC), that is
/ w) n; @+ k; `( Y& {+ ]- G3 Zmeant to operate in a completely softwarized as well as in an
2 \* z7 A2 ^# L1 {( X! HFPGA mode. Thereby, we present suitable algorithms, design
/ f$ H2 a8 o1 t2 T8 ?: Bprinciples and well defined components towards the
# W6 t. V% L; Q! [implementation of accelerated intrusion prevention on the ' u" ?, r! W6 T0 f( c
edge. We also present a testbed being utilized for the
0 M9 Z {8 V) b0 k- @" |* C5 C% F, Uimplementation of 40SEC and its performance testing. # x6 B6 ~$ f. g% ~/ m
- ?$ t! w) I3 h, Y1 w. z
! c$ T6 ~4 u0 \# n; n: O+ L
|