Title :
Denial-of-Service Attacks in Bloom-Filter-Based Forwarding
Author :
Antikainen, Markku ; Aura, Tuomas ; Sarela, Mikko
Author_Institution :
Sch. of Sci., Aalto Univ., Espoo, Finland
Abstract :
Bloom-filter-based forwarding has been suggested to solve several fundamental problems in the current Internet, such as routing-table growth, multicast scalability issues, and denial-of-service (DoS) attacks by botnets. The proposed protocols are source-routed and include the delivery tree encoded as a Bloom filter in each packet. The network nodes forward packets based on this in-packet information without consulting routing tables and without storing per-flow state. We show that these protocols have critical vulnerabilities and make several false security assumptions. In particular, we present DoS attacks against broad classes of Bloom-filter-based protocols and conclude that the protocols are not ready for deployment on open networks. The results also help us understand the limitations and design options for Bloom-filter forwarding.
Keywords :
Internet; computer network security; data structures; routing protocols; Bloom-filter-based forwarding; Bloom-filter-based protocols; DoS attack; Internet; botnets; delivery tree; denial-of-service attacks; in-packet information; routing-table growth; scalability issue; security assumptions; Computer crime; Network topology; Routing; Routing protocols; Topology; Multicast; network protocols; network-level security and protection;
Journal_Title :
Networking, IEEE/ACM Transactions on
DOI :
10.1109/TNET.2013.2281614
