A property-based technique for tolerating faults in bloom filters for deep packet inspection

Authors:
Yoon-Hwa Choi;Myeong-Hyeon Lee
Affiliations:
Computer Engineering Department, Hongik University, Seoul, Korea;Computer Engineering Department, Hongik University, Seoul, Korea
Venue:
ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing
Year:
2007

Citing 4
Cited 0

Efficient Hardware Hashing Functions for High Performance Computers

IEEE Transactions on Computers
Space/time trade-offs in hash coding with allowable errors

Communications of the ACM
A High Throughput String Matching Architecture for Intrusion Detection and Prevention

Proceedings of the 32nd annual international symposium on Computer Architecture
Deep Packet Inspection using Parallel Bloom Filters

IEEE Micro

Quantified Score

Hi-index	0.00

Visualization

Abstract

In network security applications, such as network intrusion detection, string matching is used to scan packets to detect malicious content. Bloom filters have drawn a great attention due to the fact that they can provide constant lookup times at the cost of small false positives. A fault in Bloom filters, however, cannot guarantee no-false-negatives. In this paper, we present a property-based technique for tolerating faults in Bloom filters for deep packet inspection. It employs a single spare hashing unit in each Bloom filter to detect and eliminate false negatives until the spare itself is faulty. The design is simple to be implemented in hardware. Moreover, the process for eliminating false negatives can be done without reducing the system throughput.