论文信息 - Improving false positive in Bloom filter

Improving false positive in Bloom filter

Bloom filter is a space-efficient data structure used for supporting membership queries, e.g. pattern matching. Bloom filter is used in many network processing applications. For instance, in today's internet, viruses, worms and network intruders cause service damages with enormous economic impact. In many security systems, such as intrusion detection systems we need to inspect packets' header and payload for predefined strings (called signatures) to detect malicious packets. Pattern matching process is usually deployed in routers and should keep pace with high network speed. Therefore pattern matching algorithms may become critical bottleneck in intrusion detection systems. Hence hardware-based techniques like Bloom filter are preferred rather than software-based solutions, to meet the performance goals. In this paper we describe a technique to improve Bloom filter performance. Simulation results and analysis show that false alarms decrease significantly using this technique.

Farzaneh Sadat Tabataba | Masoud Reza. Hashemi

[1] Craig Partridge,et al. Hash-based IP traceback , 2001, SIGCOMM.

[2] Li Fan,et al. Summary cache: a scalable wide-area web cache sharing protocol , 2000, TNET.

[3] Haoyu Song,et al. Fast hash table lookup using extended bloom filter: an aid to network processing , 2005, SIGCOMM '05.

[4] Haoyu Song,et al. Fast packet classification using bloom filters , 2006, 2006 Symposium on Architecture For Networking And Communications Systems.

[5] Kang Li,et al. Approximate caches for packet classification , 2004, IEEE INFOCOM 2004.

[6] Stephan Wong,et al. Modified collision packet classification using counting bloom filter in tuple space , 2007, Parallel and Distributed Computing and Networks.

[7] John W. Lockwood,et al. Deep packet inspection using parallel bloom filters , 2004, IEEE Micro.

[8] M. V. Ramakrishna,et al. A Performance Study of Hashing Functions for Hardware Applications , 1994 .

[9] Burton H. Bloom,et al. Space/time trade-offs in hash coding with allowable errors , 1970, CACM.

[10] Andrei Broder,et al. Network Applications of Bloom Filters: A Survey , 2004, Internet Math..

[11] Larry Carter,et al. Universal Classes of Hash Functions , 1979, J. Comput. Syst. Sci..

[12] David E. Taylor,et al. Longest prefix matching using bloom filters , 2006, TNET.