University of Maryland University College
Modern router hardware in computer networks is based on programmable network processors, which implement various packet forwarding operations in software. These processor systems are vulnerable to attacks that can be launched entirely through the data plane of the network without any access to the control interface of the router. Prior work has shown that a single malformed UDP packet can take over a network processor running vulnerable packet processing software and trigger a devastating denial-of-service attack from within the network. One possible defense mechanism for these resource constrained network processors is the use of hardware monitoring systems that track the operations of each processor core.