BloomCasting: Security in Bloom Filter Based Multicast

Särelä, Mikko; Rothenberg, Christian Esteve; Zahemszky, Andras; Nikander, Pekka; Ott, Jörg

doi:10.1007/978-3-642-27937-9_1

Cited by 12 publications

(10 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The observable case is a packet with all-ones filter: In which a packet is forwarded to all nodes and the packet loops around and cycles in the network. M. Särelä et al [4], [10] figured out that false positives can also result in un-wanted loops if a packet is mistakenly sent back to an previous node in the multicast tree, and false positives among two paths of the multicast tree may result in flow duplication. To overcome these issues, M. Särelä et al suggested per router permutation of bloom filters.…”

Section: H Forwarding Anomalies and Bit Permutationsmentioning

confidence: 99%

Survey On: Denial-of-Service Attacks with Bloom-Filters

Parte¹,

Dhole²,

Sonsale³

et al. 2015

IJERT

View full text Add to dashboard Cite

Now a days, World Wide Web (WWW) is most popular but, vulnerability is the major issue as DoS attacks are possible while the packet is being forwarded through the Internet. The standard packet forwarding system requires storage for the purpose of storing the information about routing table, making more overheads on memory. Bloom-filter is data structure which is stored in packet header. Bloom-filters contain information about packet forwarding and packet path so that forwarding can take place and forwarding node does not need to store any information. But using bloom-filters lead to possibility of DoS attacks in network, therefore the security mechanism of bloomfilter needs to be well tested against DoS attack. Thus implementation of additional security feature is required.

show abstract

Section: H Forwarding Anomalies and Bit Permutationsmentioning

confidence: 99%

Survey On: Denial-of-Service Attacks with Bloom-Filters

Parte¹,

Dhole²,

Sonsale³

et al. 2015

IJERT

View full text Add to dashboard Cite

show abstract

“…Two main hostile attacks are the chain reaction attack and the target path attack [14]. The first is to trigger occurrence of forwarding anomalies, and the second is to converge as many packet flows as possible on a particular path with a large number of zombie hosts.…”

Section: Core Design Issuesmentioning

confidence: 99%

“…The typical value of r max is set to approximately 0.5, which strikes a balance between space efficiency and false positive rate [14]. Varying the structure of the Bloom filter such as the number of hash functions or the order of 1-bit positions can also improve the security level.…”

Section: Core Design Issuesmentioning

confidence: 99%

“…Encrypting link IDs or the Bloom filter is to make routing information secret and prevent target path attack. The node could dynamically compute each packet a different Bloom filter for the same link ID, where the computation involves some context information including input/output interface, secret key of the time, flow ID of the packet and some parameters for performance optimization [14].…”

Section: Core Design Issuesmentioning

confidence: 99%

See 1 more Smart Citation

Bloom filter-based scalable multicast: methodology, design and application

Tian

Cheng

2013

IEEE Network

View full text Add to dashboard Cite

he prevalence of multimedia applications, such as IPTV, video conferencing, online multi-player games, over the Internet has manifested the importance of developing a scalable and efficient networking protocol to disseminate shared data to widely distributed destinations. Recently, Bloom filter based multicast has been proposed as a solution for the need, where routing information is carried in the multicast packet in the format of a Bloom filter. This family of protocols has been gaining an increasing interest in the field due to their desirable scalability over predecessor multicast protocols. This article gives a tutorial of the Bloom-filter based multicast protocols by answering some important questions. What is the fundamental issue hindering the success of the traditional multicast protocols? How has the research on multicast evolved all the way to the current state? What specific benefits can the Bloom filter based multicast bring? How could the Bloom filter based multicast benefit the multimedia applications over IP? What could be the open research issues in the field?We reveal the impetus behind the evolution path of multicast mechanisms, in order to help understanding how multicast has developed into the current state. The evolution of the multicast mechanism in fact epitomizes the evolution of Internet itself. The early IP multicast is to construct a tree structure by networking routers in a single flat topology [1]. As the domain-based hierarchical architecture adopted by Internet, multicast protocols originally designed for the flat network are extended into the inter-domain scenario, where improving IP multicast scalability has been put many efforts but still can not be thoroughly resolved. This is because the networking node involved in IP multicast has to install a forwarding state for each multicast group it is supporting, and the associated messaging and memory overhead will grow linearly.The Bloom filter based multicast takes a source routing methodology. The fundamental design is to carry routing information in the multicast packet in the format of a Bloom filter, which is a randomized data structure for representing a set and supporting membership queries [2, 3]. The routing information will be extracted by the intermediate networking node and used to compute appropriate packet copies and output interfaces. Since each node has no need maintaining the group-specific forwarding states, the Bloom filter based multicast has desirable scalability. According to the information encoded into the Bloom filter, these multicast protocols can be categorized as tree oriented [4]and destination oriented [5], where the former encodes the multicast tree branches while the latter encodes receiver domains' network prefixes. This seemingly slight difference can incur significant distinctions in protocol design and performance, which will be described later in a tutorial manner.Multicast is normally considered the most bandwidth efficient way for delivering multimedia services, but how to utilize the particular ...

show abstract

“…In each network, a maximum value, m , of fill factor is allowed and hence any packet with a Bloom filter of , where > m , is automatically dropped. This is required because otherwise an attacker could simply create a packet of all one values and launch a DDoS attack or send unwanted traffic to every user in the network [25,24]. A Bloom filter with a maximum fill factor is called maximally filled and hence no more LIDs can be inserted.…”

mentioning

confidence: 99%

Selecting Bloom-filter header lengths for secure information centric networking

Alzahrani

Reed

2014

2014 9th International Symposium on Communication Systems, Networks &Amp; Digital Sign (CSNDSP)

View full text Add to dashboard Cite

Information-centric networking (ICN) is a new communication paradigm that shifts the focus from end hosts to information objects. Recent studies have shown that ICN can provide more efficient mobility support and multicast/anycast content delivery compared to traditional host-centric solutions. Nevertheless, the ICN solutions proposed so far are not very mature from the security viewpoint. In this paper, we study one of the most important Bloom-filter based ICN forwarding mechanisms and discuss its security vulnerabilities. Next, we propose some enhancements to this mechanism, which aim at increasing its resistance to brute-force attacks. Our proposed solutions are supported by simulation studies.

show abstract

BloomCasting: Security in Bloom Filter Based Multicast

Cited by 12 publications

References 22 publications

Survey On: Denial-of-Service Attacks with Bloom-Filters

Survey On: Denial-of-Service Attacks with Bloom-Filters

Bloom filter-based scalable multicast: methodology, design and application

Selecting Bloom-filter header lengths for secure information centric networking

Contact Info

Product

Resources

About