Since the beginning of the Internet, it has evolved from an academic-only network into an essential component of our communication system. Recent changes in the Internet’s infrastructure propose a clean slate design and consider security as a critical factor. In particular, security of Internet’s core routers is very important since they use a shared network infrastructure with high data rates that transmit much of the Internet’s traffic. We seek to investigate whether detecting potential malicious traffic streams at the network core could potentially aid in detecting attacks directed to both routers and end-systems. The NetFPGA platform employs a special purpose Field Programmable Gate Array which enables a researcher to prototype new or existing networking technologies directly into hardware. Using the NetFPGA platform and a multi-criteria decision making algorithm, we can compute a set of interesting objects based on multi-criteria applied to live packet header information. By considering criteria metrics such as network address frequency as well as the packet size and type; the proposed hardware design could potentially aid in the detection of malformed packets generated by malicious hosts. In order to test the feasibility of the proposed design, a snapshot of the Internet topology will be used in the DETERlab security testbed to emulate the paths between the core and content providers. The DETERlab testbed will allow us to generate malicious traffic streams to determine the efficiency of the proposed design.