Bloom filter applications in network security: A state-of-the-art survey

Undoubtedly, dealing with security issues is one of the most important and complex tasks various networks face today. A large number of security algorithms have been proposed to enhance security in various types of networks. Many of these solutions are either directly or indirectly based on Bloom filter (BF), a space- and time-efficient probabilistic data structure introduced by Burton Bloom in 1970. Obviously, Bloom filters and their variants are getting more and more consideration in network security area. This paper provides an up-to-date survey of the application of BFs and their variants to improve performance of the approaches proposed to address security problems with different types of networks.

[1]  Haoyu Song,et al.  Multi-pattern signature matching for hardware network intrusion detection systems , 2005, GLOBECOM '05. IEEE Global Telecommunications Conference, 2005..

[2]  George Varghese,et al.  An Improved Construction for Counting Bloom Filters , 2006, ESA.

[3]  Sozo Inoue,et al.  A Secure High-Speed Identification Scheme for RFID Using Bloom Filters , 2008, 2008 Third International Conference on Availability, Reliability and Security.

[4]  Taskin Koçak,et al.  Low-power bloom filter architecture for deep packet inspection , 2006, IEEE Communications Letters.

[5]  Qi Deyu,et al.  Fast Dynamic Pattern Matching for Deep Packet Inspection , 2008, 2008 IEEE International Conference on Networking, Sensing and Control.

[6]  Taskin Koçak,et al.  A low power lookup technique for multi-hashing network applications , 2006, IEEE Computer Society Annual Symposium on Emerging VLSI Technologies and Architectures (ISVLSI'06).

[7]  D. Sy,et al.  CAPTRA: coordinated packet traceback , 2006, 2006 5th International Conference on Information Processing in Sensor Networks.

[8]  Norio Shiratori,et al.  Improving the Precision and Efficiency of Log-Based IP Packet Traceback , 2007, IEEE GLOBECOM 2007 - IEEE Global Telecommunications Conference.

[9]  James K. Mullin,et al.  Optimal Semijoins for Distributed Database Systems , 1990, IEEE Trans. Software Eng..

[10]  Craig Partridge,et al.  Single-packet IP traceback , 2002, TNET.

[11]  Habib Youssef,et al.  An efficient source authentication scheme in wireless sensor networks , 2010, ACS/IEEE International Conference on Computer Systems and Applications - AICCSA 2010.

[12]  Abhishek Kumar,et al.  Space-code bloom filter for efficient per-flow traffic measurement , 2004, IEEE INFOCOM 2004.

[13]  Rafael M. Gasca,et al.  Efficient packet filtering in wireless ad hoc networks , 2008, IEEE Communications Magazine.

[14]  Alexander Wiesmaier,et al.  In-packet Bloom filters: Design and networking applications , 2011, Comput. Networks.

[15]  Rafael P. Laufer,et al.  Generalized Bloom Filters , 2007 .

[16]  Zhenyu Liu,et al.  A Fast Bloom Filters Method in APN Filtering , 2008, 2008 IEEE Pacific-Asia Workshop on Computational Intelligence and Industrial Application.

[17]  Shyue-Kung Lu,et al.  Efficient BISR Techniques for Embedded Memories Considering Cluster Faults , 2007 .

[18]  Kumar S P Arun Flow-aware Cross Packet Inspection using Bloom Filters for High Speed Data-path Content Matching , 2009, 2009 IEEE International Advance Computing Conference.

[19]  Jun Li,et al.  Large-scale IP traceback in high-speed Internet: practical techniques and theoretical foundation , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[20]  Dhiren R. Patel,et al.  Replay Protection at the Link Layer Security in Wireless Sensor Networks , 2009, 2009 WRI World Congress on Computer Science and Information Engineering.

[21]  Ming Zhang,et al.  Memory Efficient Protocols for Detecting Node replication attacks in wireless sensor networks , 2009, 2009 17th IEEE International Conference on Network Protocols.

[22]  Dan Peng,et al.  Research on DDoS Filtering Algorithm Based on Bloom Filter WhiteList , 2008, 2008 International Conference on MultiMedia and Information Technology.

[23]  John Kubiatowicz,et al.  Probabilistic location and routing , 2002, Proceedings.Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies.

[24]  Syed Obaid Amin,et al.  Hop-by-Hop Traceback in Wireless Sensor Networks , 2012, IEEE Communications Letters.

[25]  P ? ? ? ? ? ? ? % ? ? ? ? , 1991 .

[26]  Stefano Giordano,et al.  Counting bloom filters for pattern matching and anti-evasion at the wire speed , 2009, IEEE Network.

[27]  Nasir D. Memon,et al.  Payload attribution via hierarchical bloom filters , 2004, CCS '04.

[28]  Antonio Nucci,et al.  Design of Bloom Filter Array for Network Anomaly Detection , 2006 .

[29]  Marine Minier,et al.  Hierarchical node replication attacks detection in wireless sensors networks , 2009, 2009 IEEE 20th International Symposium on Personal, Indoor and Mobile Radio Communications.

[30]  Zhao Yuan,et al.  A Cascade Hash Design of Bloom Filter for Signature Detection , 2009, 2009 International Forum on Information Technology and Applications.

[31]  Chao Xu,et al.  Traceback-Based Bloomfilter IPS in Defending SYN Flooding Attack , 2009, 2009 5th International Conference on Wireless Communications, Networking and Mobile Computing.

[32]  M. Douglas,et al.  Development of a Spelling List , 1982 .

[33]  Young-Chon Kim,et al.  Destination Address Monitoring Scheme for Detecting DDoS Attack in Centralized Control Network , 2006, 2006 Asia-Pacific Conference on Communications.

[34]  William Kozma,et al.  Reactive Identification of Misbehavior in Ad Hoc Networks Based on Random Audits , 2008, 2008 5th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.

[35]  Sarang Dharmapurikar,et al.  Longest prefix matching using bloom filters , 2006, IEEE/ACM Transactions on Networking.

[36]  Lee L. Gremillion Designing a Bloom filter for differential file access , 1982, CACM.

[37]  John W. Lockwood,et al.  Reprogrammable network packet processing on the field programmable port extender (FPX) , 2001, FPGA '01.

[38]  Shiyong Zhang,et al.  Probabilistic Isolation of Malicious Vehicles in Pseudonym Changing VANETs , 2007, 7th IEEE International Conference on Computer and Information Technology (CIT 2007).

[39]  C. F. Chong,et al.  IDR: an intrusion detection router for defending against distributed denial-of-service (DDoS) attacks , 2004, 7th International Symposium on Parallel Architectures, Algorithms and Networks, 2004. Proceedings..

[40]  Masaru Takesue Personalized Filtering of Polymorphic E-mail Spam , 2009, 2009 Third International Conference on Emerging Security Information, Systems and Technologies.

[41]  Fang Hao,et al.  Incremental Bloom Filters , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.

[42]  Matt W. Mutka,et al.  Sharing presence information and message notification in an ad hoc network* , 2003, Proceedings of the First IEEE International Conference on Pervasive Computing and Communications, 2003. (PerCom 2003)..

[43]  Zhenyu Liu,et al.  Application of Bloom Filter for GTP Stateful Inspection in Network Processor , 2009, 2009 Fifth International Conference on Information Assurance and Security.

[44]  Young-Tak Kim,et al.  Security management with scalable distributed IP traceback , 2009, 2009 IFIP/IEEE International Symposium on Integrated Network Management.

[45]  Xiao Ming Split Bloom Filter , 2004 .

[46]  Sasu Tarkoma,et al.  Theory and Practice of Bloom Filters for Distributed Systems , 2012, IEEE Communications Surveys & Tutorials.

[47]  P. Arun Kumar,et al.  High-Speed Signature Matching in Network Interface Device using Bloom Filters , 2009, ArXiv.

[48]  Bin Liu,et al.  A Robust Scheme to Detect SYN Flooding Attacks , 2007, 2007 Second International Conference on Communications and Networking in China.

[49]  Sarang Dharmapurikar,et al.  Implementation results of bloom filters for string matching , 2004, 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines.

[50]  Feng Wang,et al.  Enhancing Dynamic Packet Filtering Technique with d-Left Counting Bloom Filter Algorithm , 2009, 2009 Second International Conference on Intelligent Networks and Intelligent Systems.

[51]  ZhenYu Liu,et al.  A Parallel Method in the 3G Firewall , 2009, 2009 WRI International Conference on Communications and Mobile Computing.

[52]  Haiyun Luo,et al.  Authenticated flooding in large-scale sensor networks , 2005, IEEE International Conference on Mobile Adhoc and Sensor Systems Conference, 2005..

[53]  Qing Zhu,et al.  A Strategy of Node Membership Verification for Wireless Multimedia Sensor Networks , 2009, 2009 5th International Conference on Wireless Communications, Networking and Mobile Computing.

[54]  Angelos D. Keromytis,et al.  SSARES: Secure Searchable Automated Remote Email Storage , 2007, Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007).

[55]  Chin-Laung Lei,et al.  Filtering False Messages En-Route in Wireless Multi-Hop Networks , 2010, 2010 IEEE Wireless Communication and Networking Conference.

[56]  John W. Lockwood,et al.  Fast and Scalable Pattern Matching for Network Intrusion Detection Systems , 2006, IEEE Journal on Selected Areas in Communications.

[57]  A.S. Tanenbaum,et al.  A Cost-Efficient Counter-Intrusion Scheme for One-Time Sensor Networks , 2005, 2005 International Conference on Intelligent Sensors, Sensor Networks and Information Processing.

[58]  Wenke Lee,et al.  Hotspot-based traceback for mobile ad hoc networks , 2005, WiSe '05.

[59]  Lichun Bao A New Approach to Anonymous Multicast Routing in Ad Hoc Networks , 2007, 2007 Second International Conference on Communications and Networking in China.

[60]  Do Hoon Kim,et al.  IP Traceback Methodology Using Markov Chain and Bloom Filter in 802.16e , 2008, 2008 Third International Conference on Convergence and Hybrid Information Technology.

[61]  Ke Xu,et al.  A High Performance and Scalable Packet Pattern-Matching Architecture , 2008, 2008 International Conference on Information Networking.

[62]  Dongqing Xie,et al.  Fast Traceback against Large-Scale DDoS Attack in High-Speed Internet , 2009, 2009 International Conference on Computational Intelligence and Software Engineering.

[63]  Yun-Zhao Li Memory Efficient Parallel Bloom Filters for String Matching , 2009, 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing.

[64]  Li Fan,et al.  Summary cache: a scalable wide-area web cache sharing protocol , 2000, TNET.

[65]  Wenjing Lou,et al.  Multi-user Broadcast Authentication in Wireless Sensor Networks , 2007, 2007 4th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.

[66]  Michael Mitzenmacher,et al.  Compressed bloom filters , 2001, PODC '01.

[67]  Chung-Horng Lung,et al.  A TCP Connection Establishment Filter: Symmetric Connection Detection , 2007, 2007 IEEE International Conference on Communications.

[68]  Xingming Sun,et al.  Bloom Filter-Based Data Hiding Algorithm in Wireless Sensor Networks , 2010, 2010 5th International Conference on Future Information Technology.

[69]  Abhishek Kumar,et al.  A New Design of Bloom Filter for Packet Inspection Speedup , 2007, IEEE GLOBECOM 2007 - IEEE Global Telecommunications Conference.

[70]  Kang Li,et al.  Speed Up Statistical Spam Filter by Approximation , 2011, IEEE Transactions on Computers.

[71]  H. Jonathan Chao,et al.  Multi-packet signature detection using prefix bloom filters , 2005, GLOBECOM '05. IEEE Global Telecommunications Conference, 2005..

[72]  Jeff Yan,et al.  Enhancing Collaborative Spam Detection with Bloom Filters , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).

[73]  Bin Tong,et al.  A Three-Tier Framework for Intruder Information Sharing in Sensor Networks , 2008, 2008 5th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.

[74]  H. Takurou,et al.  IP Traceback by Packet Marking Method with Bloom Filters , 2007, 2007 41st Annual IEEE International Carnahan Conference on Security Technology.

[75]  Sencun Zhu,et al.  pDCS: Security and Privacy Support for Data-Centric Sensor Networks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[76]  Dafang Zhang,et al.  A Byte-Filtered String Matching Algorithm for Fast Deep Packet Inspection , 2008, 2008 The 9th International Conference for Young Computer Scientists.

[77]  N.D.A. Tuan,et al.  High performance pattern matching using Bloom-Bloomier Filter , 2010, ECTI-CON2010: The 2010 ECTI International Confernce on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology.

[78]  Pei Cao,et al.  Hash-AV: fast virus signature scanning by cache-resident filters , 2005, GLOBECOM.

[79]  A. Kumar,et al.  Space-code bloom filter for efficient per-flow traffic measurement , 2004, IEEE INFOCOM 2004.

[80]  Burton H. Bloom,et al.  Space/time trade-offs in hash coding with allowable errors , 1970, CACM.

[81]  Rafael M. Gasca,et al.  Mesh Network Firewalling with Bloom Filters , 2007, 2007 IEEE International Conference on Communications.

[82]  H. Jonathan Chao,et al.  Aggregated Bloom Filters for Intrusion Detection and Prevention Hardware , 2007, IEEE GLOBECOM 2007 - IEEE Global Telecommunications Conference.

[83]  Yoon-Hwa Choi,et al.  A Fault-Tolerant Bloom Filter for Deep Packet Inspection , 2007, 13th Pacific Rim International Symposium on Dependable Computing (PRDC 2007).

[84]  Michael Mitzenmacher,et al.  Distance-Sensitive Bloom Filters , 2006, ALENEX.

[85]  Xiaohong Jiang,et al.  Detecting SYN Flooding Agents under Any Type of IP Spoofing , 2008, 2008 IEEE International Conference on e-Business Engineering.

[86]  Igor M. Moraes,et al.  Towards Stateless Single-Packet IP Traceback , 2007 .

[87]  Craig Partridge,et al.  Hash-based IP traceback , 2001, SIGCOMM.

[88]  Bernard Chazelle,et al.  The Bloomier filter: an efficient data structure for static support lookup tables , 2004, SODA '04.

[89]  Akihiro Nakao,et al.  DDoS Defense Deployment with Network Egress and Ingress Filtering , 2010, 2010 IEEE International Conference on Communications.

[90]  Deian Stefan,et al.  FPGA-based SoC for real-time network intrusion detection using counting bloom filters , 2009, IEEE Southeastcon 2009.

[91]  John W. Lockwood,et al.  Deep packet inspection using parallel bloom filters , 2004, IEEE Micro.

[92]  David Hutchison,et al.  Scalable Bloom Filters , 2007, Inf. Process. Lett..

[93]  Jie Wu,et al.  Theory and Network Applications of Dynamic Bloom Filters , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[94]  Chin-Tser Huang,et al.  LOFT: Low-Overhead Freshness Transmission in Sensor Networks , 2008, 2008 IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (sutc 2008).

[95]  Tsern-Huei Lee,et al.  Scalable packet digesting schemes for IP traceback , 2004, 2004 IEEE International Conference on Communications (IEEE Cat. No.04CH37577).

[96]  Bin Liu,et al.  More Accurate and Fast SYN Flood Detection , 2009, 2009 Proceedings of 18th International Conference on Computer Communications and Networks.

[97]  Jung-Min Park,et al.  Detecting denial-of-service attacks with incomplete audit data , 2005, Proceedings. 14th International Conference on Computer Communications and Networks, 2005. ICCCN 2005..

[98]  Rafael M. Gasca,et al.  Stateful Firewalling for Wireless Mesh Networks , 2008, 2008 New Technologies, Mobility and Security.

[99]  Qiaoliang Li,et al.  A Multi-user DoS-Containment Broadcast Authentication Scheme for Wireless Sensor Networks , 2009, 2009 International Conference on Information Technology and Computer Science.

[100]  Bin Liu,et al.  Efficient and Low-Cost Hardware Defense Against DNS Amplification Attacks , 2008, IEEE GLOBECOM 2008 - 2008 IEEE Global Telecommunications Conference.

[101]  M. Nourani,et al.  Bloom Filter Accelerator for String Matching , 2007, 2007 16th International Conference on Computer Communications and Networks.

[102]  Guy Lemieux,et al.  PERG: A scalable FPGA-based pattern-matching engine with consolidated Bloomier filters , 2008, 2008 International Conference on Field-Programmable Technology.

[103]  Yong Guan,et al.  TOPO: A Topology-aware Single Packet Attack Traceback Scheme , 2006, 2006 Securecomm and Workshops.

[104]  Denh Sy,et al.  ODAR: On-Demand Anonymous Routing in Ad Hoc Networks , 2006, 2006 IEEE International Conference on Mobile Ad Hoc and Sensor Systems.

[105]  Andrei Broder,et al.  Network Applications of Bloom Filters: A Survey , 2004, Internet Math..

[106]  Pekka Nikander,et al.  Self-Routing Denial-of-Service Resistant Capabilities Using In-packet Bloom Filters , 2009, 2009 European Conference on Computer Network Defense.

[107]  W.T. Strayer,et al.  SPIE-IPv6: single IPv6 packet traceback , 2004, 29th Annual IEEE International Conference on Local Computer Networks.

[108]  Ki Chang Kim,et al.  A Resource-Efficient IP Traceback Technique for Mobile Ad-hoc Networks Based on Time-Tagged Bloom Filter , 2008, 2008 Third International Conference on Convergence and Hybrid Information Technology.

[109]  Yossi Matias,et al.  Spectral bloom filters , 2003, SIGMOD '03.

[110]  Huafei Zhu,et al.  An Efficient Scheme for Encrypted Data Aggregation on Sensor Networks , 2006, 2006 IEEE 63rd Vehicular Technology Conference.

[111]  Tsern-Huei Lee,et al.  Realizing a Sub-Linear Time String-Matching Algorithm With a Hardware Accelerator Using Bloom Filters , 2009, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[112]  Li Xu,et al.  Secure Anonymous Routing in Trust and Clustered Wireless Ad Hoc Networks , 2007, 2007 Second International Conference on Communications and Networking in China.