Issue No. 12 - Dec. (2012 vol. 23)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TPDS.2012.87
Marcelo Duffles Donato Moreira , Universidade Federal do Rio de Janeiro (UFRJ), Rio de Janeiro
Rafael Pinaud Laufer , Bell Labs, Alcatel-Lucent, Holmdel
Pedro Braconnot Velloso , Universidade Federal Fluminense, Niteroi
Otto Carlos M.B. Duarte , Universidade Federal do Rio de Janeiro (UFRJ), Rio de Janeiro
The Bloom filter is a space-efficient data structure often employed in distributed applications to save bandwidth during data exchange. These savings, however, come at the cost of errors in the shared data, which are usually assumed low enough to not disrupt the application. We argue that this assumption does not hold in a more hostile environment, such as the Internet, where attackers can send a carefully crafted Bloom filter in order to break the application. In this paper, we propose the concatenated Bloom filter (CBF), a robust Bloom filter that prevents the attacker from interfering on the shared information, protecting the application data while still providing space efficiency. Instead of using a single large filter, the CBF concatenates small subfilters to improve both the filter robustness and capacity. We propose three CBF variants and provide analytical results that show the efficacy of the CBF for different scenarios. We also evaluate the performance of our filter in an IP traceback application and simulation results confirm the effectiveness of the proposed mechanism in the face of attackers.
Robustness, Filters, Radiation detectors, Error analysis, Servers, Probability, Network security, Distributed processing, IP traceback, Bloom filters, distributed applications, security
P. B. Velloso, O. C. Duarte, M. D. Moreira and R. P. Laufer, "Capacity and Robustness Tradeoffs in Bloom Filters for Distributed Applications," in IEEE Transactions on Parallel & Distributed Systems, vol. 23, no. , pp. 2219-2230, 2012.