Abstract: Apparatuses, systems, and techniques for detecting that a host device is subject to a distributed denial of service (DDOS) attack using a machine learning (ML) detection system are described. A computing system includes a switch with port interfaces, a central processing unit (CPU) that implements a machine learning (ML) detection system, and network monitoring logic. The network monitoring logic can extract features from network data and send the extracted features to the ML detection system. The ML detection system determines whether the host device is subject to a DDOS attack using the extracted features. The ML detection system can send an alert to the host device responsive to a determination that the host device is subject to the DDOS attack.

Abstract: Apparatuses, systems, and techniques for detecting that a host device is subject to a distributed denial of service (DDOS) attack using a machine learning (ML) detection system are described. A computing system includes a data processing unit (DPU) with a network interface and a hardware acceleration engine. The DPU hosts a hardware-accelerated security service to extract features from network data and metadata from the hardware acceleration engine and sends the extracted features to the ML detection system. The ML detection system determines whether the host device is subject to a DDOS attack using the extracted features. The ML detection system can send an enforcement rule to the hardware acceleration engine responsive to a determination that the host device is subject to the DDOS attack.

Abstract: In one embodiment, a data communication device includes a network interface controller to process packets received from at least one of a host device for sending over a network, and at least one remote device over the network, at least one processor to execute computer instructions to receive a configuration, and extract filtering rules from the configuration, and at least one hardware accelerator to receive the filtering rules from the at least one processor, and filter the packets based on the rules so that some of the packets are dropped and some of the packets are forwarded to the at least one processor to send data based on the forwarded packets to another device.

Abstract: A method includes providing a library of hardware-agnostic packet-processing functions. A functional hardware-agnostic specification of a packet-processing pipeline is received from a user. The specification is defined in terms of one or more of the packet-processing functions drawn from the library. A hardware-specific design of the packet-processing pipeline, which is suited to given hardware, is derived from the specification.

Abstract: Apparatuses, systems, and techniques for detecting that a host device is subject to a malicious network attack using a machine learning (ML) detection system are described. A computing system includes a graphics processing unit (GPU) and an integrated circuit with a network interface, and a hardware acceleration engine. The integrated circuit hosts a hardware-accelerated security service to extract features from network data and metadata from the hardware acceleration engine and sends the extracted features to the GPU. Using the ML detection system, the GPU determines whether the host device is subject to a malicious network attack using the extracted features. The GPU can send an enforcement rule to the integrated circuit responsive to a determination that the host device is subject to the malicious network activity.

Abstract: Apparatuses, systems, and techniques for detecting that a host device is subject to a malicious network attack using a machine learning (ML) detection system are described. A computing system includes a graphics processing unit (GPU) and an integrated circuit with a network interface, and a hardware acceleration engine. The integrated circuit hosts a hardware-accelerated security service to extract features from network data and metadata from the hardware acceleration engine and sends the extracted features to the GPU. Using the ML detection system, the GPU determines whether the host device is subject to a malicious network attack using the extracted features. The GPU can send an enforcement rule to the integrated circuit responsive to a determination that the host device is subject to the malicious network activity.

Abstract: A method includes providing a library of hardware-agnostic packet-processing functions. A functional hardware-agnostic specification of a packet-processing pipeline is received from a user. The specification is defined in terms of one or more of the packet-processing functions drawn from the library. A hardware-specific design of the packet-processing pipeline, which is suited to given hardware, is derived from the specification.

Abstract: A system and method may detect crypto mining, including using a processor: obtaining a stream of packets; extracting metadata of the packets; and determining whether the packets are related to crypto mining by providing the metadata of the packets to a machine learning (ML) model.

Abstract: A method includes providing a library of hardware-agnostic packet-processing functions. A functional hardware-agnostic specification of a packet-processing pipeline, for use in a network device, is received from a user. The specification is defined in terms of one or more of the packet-processing functions draws from the library. A hardware-specific design of the packet-processing pipeline, which is suited to given hardware, is derived from the specification.

Abstract: Apparatuses, systems, and techniques of using one or more circuits (e.g., of a network interface) to obtain contents of at least one memory region usable, by one or more processes being performed by a host computing system, to store dynamic memory allocations, and determine whether any of the process(es) is performing at least one potentially harmful task based at least in part on the contents of the memory region(s).

Abstract: Apparatuses, systems, and techniques of using one or more circuits (e.g., of a network interface) to obtain assembly code for one or more machine code segments loaded and/or injected into a process, and determine whether the assembly code is likely to perform at least one unauthorized task.

Abstract: Apparatuses, systems, and techniques for detecting that a host device is subject to a malicious network attack using a machine learning (ML) detection system are described. A computing system includes a graphics processing unit (GPU) and an integrated circuit with a network interface, and a hardware acceleration engine. The integrated circuit hosts a hardware-accelerated security service to extract features from network data and metadata from the hardware acceleration engine and sends the extracted features to the GPU. Using the ML detection system, the GPU determines whether the host device is subject to a malicious network attack using the extracted features. The GPU can send an enforcement rule to the integrated circuit responsive to a determination that the host device is subject to the malicious network activity.

Abstract: In one embodiment, a data communication device includes a network interface controller to process packets received from at least one of a host device for sending over a network, and at least one remote device over the network, at least one processor to execute computer instructions to receive a configuration, and extract filtering rules from the configuration, and at least one hardware accelerator to receive the filtering rules from the at least one processor, and filter the packets based on the rules so that some of the packets are dropped and some of the packets are forwarded to the at least one processor to send data based on the forwarded packets to another device.

Abstract: A method includes providing a library of hardware-agnostic packet-processing functions. A functional hardware-agnostic specification of a packet-processing pipeline, for use in a network device, is received from a user. The specification is defined in terms of one or more of the packet-processing functions draws from the library. A hardware-specific design of the packet-processing pipeline, which is suited to given hardware, is derived from the specification.