An Embedded Hardware/Software Platform for Network Firewall and IP Protocol Processing
Date Issued
2011
Date
2011
Author(s)
Chiu, Chih-Chun
Abstract
In this thesis, we design an integrated hardware/software firewall with a command-based software interface to check, add, or delete the rules of the firewall. In the hardware firewall, we use registers to store the rules, so we can change the rules by modifying the registers. We also offer a countermeasure to the ICMP flood attack. We check the specific ICMP messages and implement an automatic protection mechanism. On the other hand, we apply the parallel architecture to implement the IP protocol with firewall in the hardware. The experiment shows that we successfully integrate the hardware IP/firewall with the software-based transport layer protocol of the LWIP. With the simulation result of the Xilinx tool, our hardware IP/firewall can achieve about 15.973Mpps, which corresponds to the speed of 8.18Gbps assuming the 64Bytes packets.
Subjects
firewall
parallel
processing
ICMP flood attacks
LWIP
registers
Type
thesis
File(s)![Thumbnail Image]()
Loading...
Name
ntu-100-R98921036-1.pdf
Size
23.32 KB
Format
Adobe PDF
Checksum
(MD5):8f223f6e3d3c0ce832c6e457a7fccfe3