• Title, Summary, Keyword: Bloom filter

Search Result 93, Processing Time 0.035 seconds

IP Address Lookup Algorithm Using a Vectored Bloom Filter (벡터 블룸 필터를 사용한 IP 주소 검색 알고리즘)

  • Byun, Hayoung;Lim, Hyesook
    • The Transactions of The Korean Institute of Electrical Engineers
    • /
    • v.65 no.12
    • /
    • pp.2061-2068
    • /
    • 2016
  • A Bloom filter is a space-efficient data structure popularly applied in many network algorithms. This paper proposes a vectored Bloom filter to provide a high-speed Internet protocol (IP) address lookup. While each hash index for a Bloom filter indicates one bit, which is used to identify the membership of the input, each index of the proposed vectored Bloom filter indicates a vector which is used to represent the membership and the output port for the input. Hence the proposed Bloom filter can complete the IP address lookup without accessing an off-chip hash table for most cases. Simulation results show that with a reasonable sized Bloom filter that can be stored using an on-chip memory, an IP address lookup can be performed with less than 0.0003 off-chip accesses on average in our proposed architecture.

Filtering of Malicious Codes using Bloom Filter (Bloom Filter를 이용한 악성 코드 탐지 방안)

  • Lee, Sang-Hoon;Heo, Hwan-Jo;Kim, Hyo-Gong;Choi, Lynn
    • Proceedings of the Korean Information Science Society Conference
    • /
    • /
    • pp.796-798
    • /
    • 2003
  • 바이러스로 시작된 악성 코드는 웜이라는 형태로 발전하였다. 인터넷 망의 고속화와 확장에 의해 웜의 전파 속도와 감염 범위는 증가하였지만, 아직까지 웜을 차단할 수 있는 획기적인 방법은 개발되지 않았고, 웜에 의한 피해는 갈수록 치명적인 결과를 낳고 있다. 본고에서는 Bloom Filter[1]를 이용한 content filtering 방법을 제안한다. 실험을 통해, 이미 알려진 웜에 대한 Bloom Filter의 성능을 검증하였으며, 알려지지 않은 웜에 대한 Bloom Filter의 적용 방법도 제안한다.

  • PDF

On Reducing False Positives of a Bloom Filter in Trie-Based Algorithms

  • Mun, Ju Hyoung;Lim, Hyesook
    • IEIE Transactions on Smart Processing and Computing
    • /
    • v.4 no.3
    • /
    • pp.163-168
    • /
    • 2015
  • Many IP address lookup approaches employ Bloom filters to obtain a high-speed search performance. Especially, it has been recently studied that the search performance of trie-based algorithms can be significantly improved by adding Bloom filters. In such algorithms, the number of trie accesses can be greatly reduced because Bloom filters can determine whether a node exists in a trie without actually accessing the trie. Bloom filters do not have false negatives but have false positives. False positives can lead to unnecessary trie accesses. The false positive rate must thus be reduced to enhance the performance of lookup algorithms applying Bloom filters. One important characteristic of trie-based algorithms is that all the ancestors of a node are also stored. The proposed algorithm utilizes this characteristic in reducing the false positive rate of a Bloom filter without increasing the size of the memory for the Bloom filter. When a Bloom filter produces a positive result for a node of a trie, we propose to check whether the ancestors of the node are also positives. Because Bloom filters have no false negatives, the negatives of any of the ancestors mean that the positive of the node is false. In other words, we propose to use more Bloom filter queries to reduce the false positive rate of a Bloom filter in trie-based algorithms. Simulation results show that querying one ancestor of a node can reduce the false positive rate by up to 67% with exactly the same architecture and the same memory requirement. The proposed approach can be applied to other trie-based algorithms employing Bloom filters.

Approaches for Improving Bloom Filter-Based Set Membership Query

  • Lee, HyunYong;Lee, Byung-Tak
    • Journal of Information Processing Systems
    • /
    • v.15 no.3
    • /
    • pp.550-569
    • /
    • 2019
  • We propose approaches for improving Bloom filter in terms of false positive probability and membership query speed. To reduce the false positive probability, we propose special type of additional Bloom filters that are used to handle false positives caused by the original Bloom filter. Implementing the proposed approach for a routing table lookup, we show that our approach reduces the routing table lookup time by up to 28% compared to the original Bloom filter by handling most false positives within the fast memory. We also introduce an approach for improving the membership query speed. Taking the hash table-like approach while storing only values, the proposed approach shows much faster membership query speed than the original Bloom filter (e.g., 34 times faster with 10 subsets). Even compared to a hash table, our approach reduces the routing table lookup time by up to 58%.

On Message Length Efficiency of Two Security Schemes using Bloom Filter (블룸필터를 사용하는 두 보안기법에 대한 메시지 길이의 효율성에 대하여)

  • Maeng, Young-Jae;Kang, Jeon-Il;Nyang, Dae-Hun;Lee, Kyung-Hee
    • The KIPS Transactions:PartC
    • /
    • v.19C no.3
    • /
    • pp.173-178
    • /
    • 2012
  • Recent two security schemes showed that a bloom filter can reduce a message length required for representing multiple MACs. The schemes, however, made message length comparison without considering security level. Since the MAC is intended for security, it is important to let multiple MACs and the bloom filter have the same level of security for making message length comparison. In this paper, we analyze the message length efficiency of bloom filter, compressed bloom filter and multiple MACs, letting them have the same security level.

Cloud Storage Security Deduplication Scheme Based on Dynamic Bloom Filter

  • Yan, Xi-ai;Shi, Wei-qi;Tian, Hua
    • Journal of Information Processing Systems
    • /
    • v.15 no.6
    • /
    • pp.1265-1276
    • /
    • 2019
  • Data deduplication is a common method to improve cloud storage efficiency and save network communication bandwidth, but it also brings a series of problems such as privacy disclosure and dictionary attacks. This paper proposes a secure deduplication scheme for cloud storage based on Bloom filter, and dynamically extends the standard Bloom filter. A public dynamic Bloom filter array (PDBFA) is constructed, which improves the efficiency of ownership proof, realizes the fast detection of duplicate data blocks and reduces the false positive rate of the system. In addition, in the process of file encryption and upload, the convergent key is encrypted twice, which can effectively prevent violent dictionary attacks. The experimental results show that the PDBFA scheme has the characteristics of low computational overhead and low false positive rate.

An Analysis on the Error Probability of A Bloom Filter (블룸필터의 오류 확률에 대한 분석)

  • Kim, SungYong;Kim, JiHong
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.24 no.5
    • /
    • pp.809-815
    • /
    • 2014
  • As the size of the data is getting larger and larger due to improvement of the telecommunication techniques, it would be main issues to develop and process the database. The bloom filter used to lookup a particular element under the given set is very useful structure because of the space efficiency. In this paper, we introduce the error probabilities in Bloom filter. Especially, we derive the revised false positive rates of the Bloom filter using experimental method. Finally we analyze and compare the original false positive probability of the bloom filter used until now and the false decision probability proposed in this paper.

The Construction of A Parallel type Bloom Filter (병렬 구조의 블룸필터 설계)

  • Jang, Young-dal;Kim, Ji-hong
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.21 no.6
    • /
    • pp.1113-1120
    • /
    • 2017
  • As the size of the data is getting larger and larger due to improvement of the telecommunication techniques, it would be main issues to develop and process the database. The bloom filter used to lookup a particular element under the given set is very useful structure because of the space efficiency. In this paper, we analyse the main factor of the false positive and propose the new parallel type bloom filter in order to minimize the false positive which is caused by other hash functions. The proposed method uses the memory as large as the conventional bloom filter use, but it can improve the processing speed using parallel processing. In addition, if we use the perfect hash function, the insertion and deletion function in the proposed bloom filter would be possible.

Ternary Bloom Filter Improving Counting Bloom Filter (카운팅 블룸필터를 개선하는 터너리 블룸필터)

  • Byun, Hayoung;Lee, Jungwon;Lim, Hyesook
    • Journal of the Institute of Electronics and Information Engineers
    • /
    • v.54 no.1
    • /
    • pp.3-10
    • /
    • 2017
  • Counting Bloom filters (CBFs) have been popularly used in many network algorithms and applications for the membership queries of dynamic sets, since CBFs can provide delete operations, which are not provided in a standard 1-bit vector Bloom filter. However, because of the counting functions, a CBF can have overflows and accordingly false negatives. CBFs composed of 4-bit counters are generally used, but the 4-bit CBF wastes memory spaces by allocating 4 bits for every counter. In this paper, we propose a simple alternative of a 4-bit CBF named ternary Bloom filter (TBF). In the proposed TBF structure, if two or more elements are mapped to a counter in programming, the counters are not used for insertion or deletion operations any more. When the TBF consumes the same amount of memory space as a 4-bit CBF, it is shown through simulation that the TBF provides a better false positive rate than the CBF as well as the TBF does not generate false negatives.

A Design of SMS DDoS Detection and Defense Method using Counting Bloom Filter (Counting Bloom Filter를 이용한 SMS DDoS 탐지 및 방어 기법 설계)

  • Shin, Kwang-Kyoon;Park, Ui-Chung;Jun, Moon-Seog
    • Proceedings of the KAIS Fall Conference
    • /
    • /
    • pp.53-56
    • /
    • 2011
  • 지난 7.7 DDoS(Distributed Denial of Service), 3.3 DDoS 대란을 통해서 보여주듯 DDoS 공격이 네트워크 주요 위협요소로 매우 부각되고 있으나, 공격에 대해서 실시간으로 감지하고 대응하기에 어렵다. 그리고 현재 여러 분야에서 매우 많은 용도로 사용되는 SMS(Short Message Service)도 DDoS 공격 수단으로 사용되어 이동전화 시스템에 큰 혼란을 야기할 수 있다. 기존의 Bloom Filter 탐지 기법은 구조가 간단하고 실시간 탐지가 가능한 장점을 갖지만 오탐지율에 대한 문제점을 가진다. 본 논문에서는 목적지 기반의 다중의 해시함수를 사용한 Counting Bloom Filter 기법을 이용하여 임계치 이상 카운트된 동일한 목적지로 발송되는 SMS에 대하여 공격으로 탐지하고 SMSC에 통보하여 차단시키는 시스템을 제안한다.

  • PDF