International Conference on Research in Networking

NETWORKING 2012, pp 135–148

On the Vulnerability of Hardware Hash Tables to Sophisticated Attacks


  • Udi Ben-Porat,
  • Anat Bremler-Barr,
  • Hanoch Levy &
  • Bernhard Plattner
Part of the Lecture Notes in Computer Science book series (LNCCN, volume 7289)

Abstract

Peacock and Cuckoo hashing schemes are currently the most studied hash implementations for hardware network systems (such as NIDS, firewalls, etc.). In this work we evaluate their vulnerability to sophisticated complexity Denial of Service (DoS) attacks. We show that an attacker can use insertion of carefully selected keys to hit the Peacock and Cuckoo hashing schemes at their weakest points. For Peacock Hashing, we show that after the attacker fills up only a fraction (typically 5%–10%) of the buckets, the table completely loses its ability to handle collisions, causing the discard rate (of new keys) to increase dramatically (100–1,800 times higher). For Cuckoo Hashing, we show an attack that can impose on the system an excessive number of memory accesses and degrade its performance. We analyze the vulnerability of the system as a function of the critical parameters and provide simulation results as well.

Keywords

  • Hash Table
  • Intrusion Detection System
  • Regular User
  • Malicious User
  • Drop Probability

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Author information

Authors and Affiliations

  1. Computer Engineering and Networks Laboratory, ETH Zurich, Switzerland

    Udi Ben-Porat & Bernhard Plattner

  2. Computer Science Dept., Interdisciplinary Center, Herzliya, Israel

    Anat Bremler-Barr

  3. Computer Science Dept., Tel-Aviv University, Tel-Aviv, Israel

    Hanoch Levy


Editor information

Editors and Affiliations

  1. Department of Telecommunications Engineering, Czech Technical University in Prague, Technicka 2, 166 27, Prague 6, Czech Republic

    Robert Bestak & Lukas Kencl

  2. Alcatel-Lucent, Bell Labs, 600 Mountain Avenue, 07974-0636, Murray Hill, NJ, USA

    Li Erran Li

  3. Instituto IMDEA Networks, Avenida del Mar Mediterraneo 22, Leganes, 28918, Madrid, Spain

    Joerg Widmer

  4. Tsinghua-ChinaCache Joint Laboratory, Tsinghua University, FIT 3-429, Haidian District, 100016, Beijing, China

    Hao Yin

Copyright information

© 2012 IFIP International Federation for Information Processing

About this paper

Cite this paper

Ben-Porat, U., Bremler-Barr, A., Levy, H., Plattner, B. (2012). On the Vulnerability of Hardware Hash Tables to Sophisticated Attacks. In: Bestak, R., Kencl, L., Li, L.E., Widmer, J., Yin, H. (eds) NETWORKING 2012. NETWORKING 2012. Lecture Notes in Computer Science, vol 7289. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30045-5_11

  • DOI: https://doi.org/10.1007/978-3-642-30045-5_11

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-30044-8

  • Online ISBN: 978-3-642-30045-5

  • eBook Packages: Computer Science, Computer Science (R0)
