| Project/Area Number |
18K18043
|
|---|
| Research Category |
Grant-in-Aid for Early-Career Scientists
|
| Allocation Type | Multi-year Fund |
|---|
| Review Section |
Basic Section 60060:Information network-related
|
|---|
| Research Institution | The University of Tokyo |
|---|
Principal Investigator |
Kuga Yohei 東京大学, 情報基盤センター, 特任講師 (90816597)
|
|---|
| Project Period (FY) |
2018-04-01 – 2020-03-31
|
| Project Status |
Completed (Fiscal Year 2019)
|
| Budget Amount *help |
¥3,900,000 (Direct Cost: ¥3,000,000、Indirect Cost: ¥900,000)
Fiscal Year 2019: ¥910,000 (Direct Cost: ¥700,000、Indirect Cost: ¥210,000)
Fiscal Year 2018: ¥2,990,000 (Direct Cost: ¥2,300,000、Indirect Cost: ¥690,000)
|
|---|
| Keywords | DDoS緩和 / PCI Express / ネットワークハードウェア / インターコネクト / ACL / FPGA / ページテーブル / DDoS mitigation / Network security / Internet |
|---|
| Outline of Final Research Achievements |
We researched a new mitigation method for DDoS attacks. The proposed method handles network traffic with hardware ACL filters on PCI Express (PCIe) devices, and the filter rules are stored on the host memory of the host PC connected with PCIe. In the method, the filter circuit operates the host memory by DMA. Thus, it enables high throughput DDoS mitigation with large memory space.
And we proposed a prototype environment for developing PCIe hardware by network programming. As this result, the proposed method has contributed to simplifying the research and development for network hardware.
|
| Academic Significance and Societal Importance of the Research Achievements |
パスワードの脆弱な監視カメラや家庭用ルータなどのIoT機器に感染するマルウェアの登場によって,IoTデバイスを用いたDDoS攻撃が大規模化している.本研究は,ソフトウェアによる柔軟なフィルタルールの記述と高スループット処理を両立したハードウェア型DDoS緩和を可能にし,インターネット運用の健全化に貢献する.
|
