Malacoda: towards high-level compilation of network security applications on reconfigurable hardware

AutorMühlbach, Sascha; Koch, Andreas
ArtConference Proceedings
AbstraktWhile the use of reconfigurable computing for tasks such as packet header processing or deep packet-inspection in high-speed networks has been widely studied, efforts to extend the technology to application-level processing have only recently been made. One issue that has prevented wider use of reconfigurable platforms in that context is the unfamiliar programming environment: Such systems commonly require expertise in computer architecture and digital logic design generally foreign to networking experts. To make the technology more accessible to potential users, we present the high-level domain-specific language Malacoda for application-level network processing and an associated compiler that automatically translates Malacoda descriptions into high-performance hardware blocks for insertion into an FPGA-based processing platform. We evaluate our approach on the use-case of a hardware-accelerated secure honeypot-in-a-box, programmed in Malacoda, and implemented on the NetFPGA 10G board. Results from a live-test of the system connected to a 10G Internet uplink complete the evaluation.
SerieANCS '12
InProceedings of the eighth ACM/IEEE symposium on Architectures for networking and communications systems, p.247-258