Possibilities of using hardware accelerators for intrusion detection and prevention systems

Artem Tetskyi, Artem Perepelitsyn

Abstract


The subject of this study is the capabilities of FPGA technology for cybersecurity solutions built around SmartNIC network interface accelerators, as well as the technologies for building, deploying, supporting, and accelerating intrusion detection systems (IDS) and intrusion prevention systems (IPS). The goal of this work is to increase the performance of the network protection components of modern datacenters using hardware network interface accelerator cards based on FPGA technology. The tasks are: to analyze the classification of cyber threats; to analyze methods of detecting cyber threats; to analyze the capabilities of modern FPGA accelerator cards for the creation of SmartNICs; to propose an architecture for the hardware implementation of an intrusion prevention system based on FPGA accelerator cards; and to propose a sequence of steps for creating such a hardware implementation. According to these tasks, the following results were obtained. The main categories of common cyber threats that should be considered when creating such systems are analyzed. Two main principles of intrusion detection, the signature method and the anomaly detection method, are analyzed. The possibilities of using FPGA accelerator cards for hardware acceleration of network interfaces and for the creation of SmartNICs are analyzed. An architecture for the hardware implementation of the network interface components of an intrusion prevention system based on FPGA accelerator cards in data centers is proposed. A sequence of steps for creating an FPGA-based implementation of an intrusion prevention system is proposed.
Conclusions. The scientific novelty of the obtained results lies in the fact that the analysis of the specific cyber threats to datacenters and of the capabilities of FPGA accelerator cards supporting high-speed network interfaces makes it possible to propose a set of recommendations for creating intrusion detection and intrusion prevention systems whose work is transferred to a hardware implementation, which offloads the computing resources of the server and thereby increases its performance. The software component of the solution makes it possible to improve and continuously update the operating profile of the hardware component of such intrusion detection and intrusion prevention systems directly in the deployed system.

Keywords


Intrusion Detection System; Intrusion Prevention System; IDS; IPS; FPGA as a Service; SmartNIC; offloading datacenter resources

DOI: https://doi.org/10.32620/aktt.2024.6.09