1,150 research outputs found
Low-power bloom filter architecture for deep packet inspection
Bloom filters are frequently used to identify malicious content like viruses in high speed networks. However, architectures proposed to implement Bloom filters are not power efficient. In this letter, we propose a new Bloom filter architecture that exploits the well-known pipelining technique. Through power analysis we show that pipelining can reduce the power consumption of Bloom filters up to 90%, which leads to the energy-efficient implementation of intrusion detection systems. © 2006 IEEE
Data Leak Detection As a Service: Challenges and Solutions
We describe a network-based data-leak detection (DLD)
technique, the main feature of which is that the detection
does not require the data owner to reveal the content of the
sensitive data. Instead, only a small amount of specialized
digests are needed. Our technique – referred to as the fuzzy
fingerprint – can be used to detect accidental data leaks due
to human errors or application flaws. The privacy-preserving
feature of our algorithms minimizes the exposure of sensitive
data and enables the data owner to safely delegate the
detection to others.We describe how cloud providers can offer
their customers data-leak detection as an add-on service
with strong privacy guarantees.
We perform extensive experimental evaluation on the privacy,
efficiency, accuracy and noise tolerance of our techniques.
Our evaluation results under various data-leak scenarios
and setups show that our method can support accurate
detection with very small number of false alarms, even
when the presentation of the data has been transformed. It
also indicates that the detection accuracy does not degrade
when partial digests are used. We further provide a quantifiable
method to measure the privacy guarantee offered by our
fuzzy fingerprint framework
A Bloom Filter-Based Monitoring Station for a Lawful Interception Platform
Lawful Interception (LI) is a fundamental tool in today's Police investigations.Therefore, it is important to make it as quickly and securely as possible as well as a reasonable cost per suspect. This makes traffic capture in aggregation links quite attractive, although this implies high wirespeeds which require the use of specific hardware-based architectures. This paper proposes a novel Bloom Filter-based monitoring station architecture for efficient packet capture in aggregation links. With said Bloom filter, we filter out most of the packets in the link and capture only those belonging to lawful interception wiretaps. Next, we present an FPGA-based implementation of said architecture and obtain the maximum capture rate achievable by injecting traffic through four parallel Gigabit Ethernet lines. Finally, we identify the limitations of our current design and suggest the possibility of further extending it to higher wirespeeds.- Best Paper AwardThe work presented in this paper has been funded by the INDECT project grant number FP7-ICT-218086, and the Spanish CramNet project (grant no. TEC2012-38362-C03-01).European Community's Seventh Framework Progra
A scalable bloom filter based prefilter and hardware-oriented predispatcher
Presented in this paper a scalable bloom filter based prefilter and a hardware-oriented predispatcher pattern matching mechanism for content filtering applications, which are scalable in terms of speed, the number of patterns and the pattern length. Prefilter algorithm is based on a memory efficient multi-hashing data structure called bloom filter. According to the statistics of simulations, the filter ratio can reach up to 60% if the whole engine has been trained well. It has been showed that this engine could enhance the capabilities of general-purpose IDS solutions
Energy-efficient pipelined bloom filters for network intrusion detection
This document is made available in accordance with publisher policies. Please cite only the published version using the reference above. Full terms of use are available
- …