Martin Zádník

Learn More
AtoZ, an automatic traffic organizer, provides control of how network-resources are used by applications. It does this by combining the high-speed packet processing of the NetFPGA with an efficient method for application-behavior labeling. AtoZ can control network resources by prohibiting certain applications and controlling the resources available to(More)
This paper presents an FPGA-friendly approach to tracking elephant flows in network traffic. Our approach, Single Step Segmented Least Recently Used (S 3-LRU) policy, is a network traffic-friendly replacement policy for maintaining flow states in a Na¨ıve Hash Table (NHT). We demonstrate that our S 3-LRU approach preserves elephant flows: conservatively(More)
Flow-based network traffic processing, that is, processing packets based on some state information associated to the flows to which the packets belong, is a key enabler for a variety of network services and applications. This form of stateful traffic processing is used in modern switches [1] and routers that contain flow tables to implement forwarding,(More)
In this paper, an evolutionary approach is used to design multiple constant multipliers (MCMs). As these circuits can be composed of adders, subtractors and shifters, they perform a linear transform. An important consequence is that only a single input value is sufficient to completely evaluate a candidate circuit independently of its size and the bit width(More)
This paper describes the Net COPE platform porting issues to the new generation of the Net FPGA(-10G) cards. Achieved throughput and CPU utilization for various length of packets was measured. It was shown that we are able to reach maximum throughput of 12Gbps without any significant processor load. Xilinx ISE reports approximately 30% of the Net FPGA chip(More)
Since a lot of the networks do not apply source IP filtering to its outgoing traffic, an attacker may insert an arbitrary source IP address in an outgoing packet, i.e., IP address spoofing. This paper elaborates on a possibility to detect the spoofing in a large network peering with other networks. A proposed detection scheme is based on an analysis of(More)