A Packet Marking Proposal for Attack-Robust Traceback (Uma Proposta de Marcação de Pacotes para Rastreamento Robusto a Ataques)

  • Marcelo D. D. Moreira UFRJ
  • Rafael P. Laufer UCLA
  • Pedro Velloso UPMC
  • Otto Carlos M. B. Duarte UFRJ

Abstract

This paper proposes a new packet marking structure that is robust to attacks on distributed applications such as IP traceback. The structure is based on the Bloom filter, which represents a set in a space-efficient way. The goal of the so-called Concatenated Bloom Filter (CBF) is to provide robustness against attacker interference, allowing information to be transmitted securely over an insecure medium. The key idea is to concatenate a set of subfilters, each of which admits the insertion of only one element. Analytical results show the efficacy of the CBF and that the attacker's success probability decreases exponentially as the subfilter size increases. No other proposal in the literature was found to offer such robustness without the limitation of losing legitimate information.
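To make the key idea concrete, the following toy implementation is an added example written for this page; it is not the authors' code and does not reproduce the paper's analysis. It builds a CBF from fixed-size subfilters that each accept a single element, appends marks in order (as routers along a path would), and reconstructs the marked elements from a candidate list. Two things are assumptions of this example rather than statements from the paper: the integrity rule that a subfilter written by one honest marker has at most k set bits (so a flooded subfilter is flagged instead of trusted), and the simplified forgery model in which an attacker who does not know an element's hash positions sets k random bits and matches a specific element with probability 1/C(m, k). The hash family (salted SHA-256), the router names and the sample path are constructed for the demo.

```python
"""Added example (not the paper's code): a toy Concatenated Bloom Filter (CBF).

Assumptions made here, not taken from the paper: salted SHA-256 as the k hash
functions; a subfilter is plausible when it has at most k bits set; the forgery
model assumes an attacker sets k random bits in an empty subfilter without
knowing the target element's positions.
"""
import hashlib
from fractions import Fraction
from math import comb, log


class Subfilter:
    """One m-bit Bloom filter that admits the insertion of a single element."""

    def __init__(self, m, k):
        self.m, self.k = m, k
        self.bits = [0] * m
        self.count = 0  # elements inserted so far (0 or 1)

    def _indices(self, element):
        # k positions from k salted SHA-256 digests (assumed hash family)
        positions = set()
        for i in range(self.k):
            digest = hashlib.sha256(f"{i}:{element}".encode()).digest()
            positions.add(int.from_bytes(digest[:8], "big") % self.m)
        return positions

    def insert(self, element):
        # The CBF restriction: a subfilter holds at most one element.
        if self.count >= 1:
            raise ValueError("subfilter already holds an element")
        for pos in self._indices(element):
            self.bits[pos] = 1
        self.count += 1

    def contains(self, element):
        return all(self.bits[pos] for pos in self._indices(element))

    def plausible(self):
        # Assumed integrity rule: one honest insertion sets at most k bits, so a
        # subfilter with more set bits cannot be the work of a single marker.
        return sum(self.bits) <= self.k


class ConcatenatedBloomFilter:
    """Concatenation of fixed-size subfilters, filled in order by successive markers."""

    def __init__(self, n_subfilters, m, k):
        self.subfilters = [Subfilter(m, k) for _ in range(n_subfilters)]

    def mark(self, element):
        """Write element into the first empty subfilter (e.g. a router marking a packet)."""
        for sf in self.subfilters:
            if sf.count == 0:
                sf.insert(element)
                return
        raise ValueError("no free subfilter left")

    def reconstruct(self, candidates):
        """Per subfilter: the candidates that test positive, or None when the
        plausibility check fails (tampering suspected). Ordinary Bloom false
        positives remain possible for plausible subfilters."""
        return [None if not sf.plausible() else {c for c in candidates if sf.contains(c)}
                for sf in self.subfilters]


def optimal_k(m):
    """Usual Bloom optimum k = (m / n) ln 2 with n = 1 element per subfilter."""
    return max(1, round(m * log(2)))


def forgery_probability(m, k):
    """Simplified model (assumption): an attacker who sets k random bits in an
    empty subfilter reproduces one specific element's positions with
    probability 1 / C(m, k); with k = optimal_k(m) this falls exponentially in m."""
    return Fraction(1, comb(m, k))


if __name__ == "__main__":
    cbf = ConcatenatedBloomFilter(n_subfilters=4, m=64, k=3)
    for router in ["R1", "R2", "R3"]:  # constructed sample path
        cbf.mark(router)
    print(cbf.reconstruct(["R1", "R2", "R3", "R4"]))
    cbf.subfilters[1].bits = [1] * 64  # a flooded subfilter is flagged, not trusted
    print(cbf.reconstruct(["R1", "R2", "R3", "R4"]))
    for m in (16, 32, 64):
        print(m, float(forgery_probability(m, optimal_k(m))))
```

The never-written fourth subfilter has no bits set, so it matches no candidate; the flooded second subfilter would match every candidate if it were trusted, which is exactly why the plausibility check refuses it rather than returning a match set.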

Published: 2007-08-27

MOREIRA, Marcelo D. D.; LAUFER, Rafael P.; VELLOSO, Pedro; DUARTE, Otto Carlos M. B. Uma Proposta de Marcação de Pacotes para Rastreamento Robusto a Ataques. In: BRAZILIAN SYMPOSIUM ON INFORMATION AND COMPUTATIONAL SYSTEMS SECURITY (SBSEG), 7., 2007, Rio de Janeiro. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2007. p. 135-148. DOI: https://doi.org/10.5753/sbseg.2007.20923.
