|
|
Hardware-Accelerated Device for Protection Against DoS Attacks
Kuka, Mário ; Kekely, Lukáš (referee) ; Kučera, Jan (advisor)
This thesis deals with the development of a firmware for hardware-accelerated device used as a protection against amplification (D)DoS attacks. In the today's world, (D)DoS attacks are very common and cause significant financial damages. Therefore the goal is to create affordable and easy to deploy centralized device that would resolve this issue. To reach this goal, a hardware accelerator is being used for the high-volume data transfer processing through a single commonly used server. Design and implementation of the firmware had been done considering the fact that this device will be used in the networks with 100\,Gbps speed. The whole system had undergone functional verification and its real throughput was verified within the laboratory testing as well. Created device has been already deployed into the CESNET network infrastructure during the time of the writing of this thesis and it has been tested by the network administrators. Based on the received feedback, the development will continue focusing on expanding of the detection of more types of attacks.
|
|
|
Automatic Configuration of Utility Tools for FPGA Firmware
Perešíni, Martin ; Matoušek, Jiří (referee) ; Kučera, Jan (advisor)
This bachelor's thesis is about designing an automatic configuration of utility tools for FPGA firmware. The assignment is solved within CESNET research activity, which is devoted on the development of hardware-accelerated network interface cards based on FPGA technology. The aim of the thesis is to replace current inflexible system for describing the firmware structure used by NIC, HANIC and SDM projects. The system was based on a firmware description by XML file, which was created manually for each configuration. Based on negative aspects of system is created new design, which is using Device Tree. Device Tree is opening possibility to change NetCOPE build system for automatic generating firmware description. Description of hardware is distributed together with firmware. In the thesis, the design of the system was implemented and then verified by testing functionality on the ethctl tool. At the end of the work are mentioned possible system features and extensions for future.
|
|
|
Automatic Configuration of Utility Tools for FPGA Firmware
Perešíni, Martin ; Matoušek, Jiří (referee) ; Kučera, Jan (advisor)
This bachelor's thesis is about designing an automatic configuration of utility tools for FPGA firmware. The assignment is solved within CESNET research activity, which is devoted on the development of hardware-accelerated network interface cards based on FPGA technology. The aim of the thesis is to replace current inflexible system for describing the firmware structure used by NIC, HANIC and SDM projects. The system was based on a firmware description by XML file, which was created manually for each configuration. Based on negative aspects of system is created new design, which is using Device Tree. Device Tree is opening possibility to change NetCOPE build system for automatic generating firmware description. Description of hardware is distributed together with firmware. In the thesis, the design of the system was implemented and then verified by testing functionality on the ethctl tool. At the end of the work are mentioned possible system features and extensions for future.
|
|
|
Hardware-Accelerated Device for Protection Against DoS Attacks
Kuka, Mário ; Kekely, Lukáš (referee) ; Kučera, Jan (advisor)
This thesis deals with the development of a firmware for hardware-accelerated device used as a protection against amplification (D)DoS attacks. In the today's world, (D)DoS attacks are very common and cause significant financial damages. Therefore the goal is to create affordable and easy to deploy centralized device that would resolve this issue. To reach this goal, a hardware accelerator is being used for the high-volume data transfer processing through a single commonly used server. Design and implementation of the firmware had been done considering the fact that this device will be used in the networks with 100\,Gbps speed. The whole system had undergone functional verification and its real throughput was verified within the laboratory testing as well. Created device has been already deployed into the CESNET network infrastructure during the time of the writing of this thesis and it has been tested by the network administrators. Based on the received feedback, the development will continue focusing on expanding of the detection of more types of attacks.
|
guest ::
