Attacks and Hardware Defenses for Network Infrastructure
Speaker: Tilman WolfThe functionality of routers inside the Internet continues to grow and already includes complex protocol processing operations for content adaptation, security, and network management. In the future Internet, this diversity of functionality will expand to encompass the entire protocol stack. Implementing such network customization fundamentally requires programmability in the data plane and multi-core embedded processor systems that can perform packet processing at high data rates. In this presentation, I will discuss my research group’s recent work that illustrates the challenges in providing security in these systems. I will provide an example that shows how vulnerable packet processors can be attacked through the data plane of the network. Using hardware monitors, my team has developed an effective defense mechanism against such attacks. I will explain how this work is also applicable to securing general-purpose embedded processing systems.