Mitigating brute-force attacks on Bloom-filter based forwarding

Bander A. Alzahrani; Vassilios G. Vassilakis; Martin J. Reed

doi:10.1109/CFIC.2013.6566320

Back

Conference proceeding

Mitigating brute-force attacks on Bloom-filter based forwarding

Bander A. Alzahrani, Vassilios G. Vassilakis and Martin J. Reed

2013 Conference on Future Internet Communications (CFIC), pp.1-7

05/2013

DOI: https://doi.org/10.1109/CFIC.2013.6566320

Abstract

Bloom filter

Computer architecture

Distributed Denial-of-Service

Educational institutions

Information-Centric Networks

Network topology

Routing

Scalability

Security

Subscriptions

zFilter

The in-packet Bloom filter forwarding mechanism is a source routing approach used in Information-centric networking (ICN). This mechanism is vulnerable to brute-force attacks that can be used for distributed denial-of-service (DDoS) attacks and unsolicited messages (spam). In this paper we analytically calculate the probability of brute-force attacks and determine the time required by the attacker to launch a successful attack. We find that using scenarios reported by other researchers this type of attacks is achievable in few seconds, which is unacceptable. The paper proposes a solution to mitigate the brute-force attacks by significantly increasing the time before a successful attack. Consequently, it is possible to change link identifiers before the attacker can adapt to the changes. We evaluate the proposed solution in terms of network security and scalability.

Metrics

1 Record Views

See more details

Details

Title: Mitigating brute-force attacks on Bloom-filter based forwarding
Creators - without role: Bander A. Alzahrani - University of Essex
Vassilios G. Vassilakis - University of Essex
Martin J. Reed - University of Essex
Publication Details: 2013 Conference on Future Internet Communications (CFIC), pp.1-7
Publisher: IEEE
Identifiers: 9937246908331
Academic Unit: King Abdulaziz University
Language: English
Resource Type: Conference proceeding