During my third year at Télécom Bretagne, I worked on a project with two colleagues to develop an hardware accelerated network monitoring tool using a NetFPGA. This low-level project was very interesting and made me discover how to develop directly in hardware using a language called Verilog.

To let you discover this project, I pasted below the abstract of our final report.

Abstract

The growing use of the Internet, with services like YouTube, Dailymotion or Peer-to-Peer, raises the demand for larger bandwidths continuously. This and the technological evolution leads to traffic which is becoming more and more important. With the increasing bandwidth, the observation and control of the traffic also needs to be accomplished at a higher speed. This new challenge is being encountered by using hardware implementations of monitoring algorithms.

During our third-year project at Télécom Bretagne we worked on such a hardware implementation using a NetFPGA, a PCI board containing an FPGA and four Ethernet ports. Starting with a simple Ethernet hub that we added to the existing structure of the NetFPGA, we continued with the implementation of a detection of TCP SYN packets. In order to count these SYN packets, needed for the detection of SYN flooding attacks, we used a special stream mining algorithm to reduce the memory needed : the CMS algorithm.

More information

Everything we did about this project is available online on the Trac of our project. The final report is also available (in French, sorry).