DocumentCode
75803
Title
A Reconfigurable Platform and Programming Tools for High-Level Network Applications Demonstrated as a Hardware Honeypot
Author
Muhlbach, Sascha ; Koch, Andreas
Author_Institution
Center for Adv. Security Res. Darmstadt (CASED), Darmstadt, Germany
Volume
32
Issue
10
fYear
2014
fDate
Oct. 2014
Firstpage
1919
Lastpage
1932
Abstract
The security of computer systems and networks is severely threatened today by the combination of novel attack patterns and high traffic volumes. Together, this often exceeds the capabilities of purely software-based network security systems. As an alternative, hardware acceleration has been employed, e.g., for performing deep-packet inspection and pattern matching as well as general packet-header processing. While such implementations, capable of handling lower protocol layers, have been extensively studied in research and industry, their extension to higher communication layers has only rarely been addressed. Such capabilities, including the application level (OSI Layer 7), are the focus of this work. We present the NetStage platform, employing reconfigurable computing for high-throughput low-latency network processing, as well as associated development tools that allow networking domain experts to easily customize the system. As a use-case, we consider the realization of high-performance attack-resilient honeypots based on NetStage. To this end, we introduce the Malacoda language, its programming tools, and the generated target microarchitecture. We then evaluate the performance of Malacoda-generated vulnerability emulation handlers running on the NetStage platform.
Keywords
computer network security; field programmable gate arrays; Malacoda-generated vulnerability emulation handlers; NetStage platform; attack patterns; computer system security; deep-packet inspection; hardware honeypot; high-level network applications; high-throughput low-latency network processing; packet-header processing; pattern matching; traffic volume; Field programmable gate arrays; Hardware; IP networks; Internet; Protocols; Routing; Security; 10G; FPGA; Network security; deep packet inspection; network stack
fLanguage
English
Journal_Title
Selected Areas in Communications, IEEE Journal on
Publisher
IEEE
ISSN
0733-8716
Type
jour
DOI
10.1109/JSAC.2014.2358838
Filename
6902760