• IEIE Transactions on Smart Processing and Computing
• /
• v.4 no.3
• /
• pp.163-168
• /
• 2015

Many IP address lookup approaches employ Bloom filters to obtain a high-speed search performance. Especially, it has been recently studied that the search performance of trie-based algorithms can be significantly improved by adding Bloom filters. In such algorithms, the number of trie accesses can be greatly reduced because Bloom filters can determine whether a node exists in a trie without actually accessing the trie. Bloom filters do not have false negatives but have false positives. False positives can lead to unnecessary trie accesses. The false positive rate must thus be reduced to enhance the performance of lookup algorithms applying Bloom filters. One important characteristic of trie-based algorithms is that all the ancestors of a node are also stored. The proposed algorithm utilizes this characteristic in reducing the false positive rate of a Bloom filter without increasing the size of the memory for the Bloom filter. When a Bloom filter produces a positive result for a node of a trie, we propose to check whether the ancestors of the node are also positives. Because Bloom filters have no false negatives, the negatives of any of the ancestors mean that the positive of the node is false. In other words, we propose to use more Bloom filter queries to reduce the false positive rate of a Bloom filter in trie-based algorithms. Simulation results show that querying one ancestor of a node can reduce the false positive rate by up to 67% with exactly the same architecture and the same memory requirement. The proposed approach can be applied to other trie-based algorithms employing Bloom filters.

• Journal of Korea Multimedia Society
• /
• v.11 no.12
• /
• pp.1688-1696
• /
• 2008

We propose a hierarchical service management method using Bloom filters for large MANETs. In this paper, a MANET is comprised of logical grid hierarchy, and each mobile node within the lowest service region multicasts the Attenuated Bloom Filter (ABF) for services itself to other nodes within the region. To advertise and discovery a service efficiently, the server node of the lowest server region sends the Summary Bloom Filter (SBF) for the ABFs to the server node of upper server region. Each upper server has the set of SBFs for lower vicinity service regions. The traffic load of the proposed method is evaluated by an analytical model, and is compared with that of two alternative advertisement solutions: complete advertisement and no advertisement. As a result, we identify that the traffic load of the proposed method is much lower than that of two alternative advertisement solutions.

• Journal of Information Processing Systems
• /
• v.15 no.3
• /
• pp.550-569
• /
• 2019

We propose approaches for improving Bloom filter in terms of false positive probability and membership query speed. To reduce the false positive probability, we propose special type of additional Bloom filters that are used to handle false positives caused by the original Bloom filter. Implementing the proposed approach for a routing table lookup, we show that our approach reduces the routing table lookup time by up to 28% compared to the original Bloom filter by handling most false positives within the fast memory. We also introduce an approach for improving the membership query speed. Taking the hash table-like approach while storing only values, the proposed approach shows much faster membership query speed than the original Bloom filter (e.g., 34 times faster with 10 subsets). Even compared to a hash table, our approach reduces the routing table lookup time by up to 58%.

• ETRI Journal
• /
• v.33 no.5
• /
• pp.826-829
• /
• 2011

Distributed systems particularly suffer from Sybil attacks, where a malicious user creates numerous bogus nodes to influence the functions of the system. In this letter, we propose a Bloom filter-based scheme, SybilBF, to fight against Sybil attacks. A Bloom filter presents a set of Sybil nodes according to historical behavior, which can be disseminated to at least n (e-1)/e honest nodes. Our evaluation shows that SybilBF outperforms state of the art mechanisms improving SybilLimit by a factor of (1/e)${\gamma}$ at least.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.4B
• /
• pp.245-257
• /
• 2012

As one of the most challenging tasks in designing the Internet routers, packet classification is required to achieve the wire-speed processing for every incoming packet. Packet classification algorithm which applies binary search on trie levels to the area-based quad-trie is an efficient algorithm. However, it has a problem of unnecessary access to a hash table, even when there is no node in the corresponding level of the trie. In order to avoid the unnecessary off-chip memory access, we proposed an algorithm using Bloom filters along with the binary search on levels to multiple disjoint tries. For ACL, FW, IPC sets with about 1000, 5000, and 10000 rules, performance evaluation result shows that the search performance is improved by 21 to 33 percent by adding Bloom filters.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.365-369
• /
• 2006

Multiple Message Authentication Codes can be represented by one of the Short MAC, Bloom Filter or Compressed Bloom Filler to reduce communication overheads. However, this will inevitably increase false positive rate (fpr) which is a false authentication probability of adversarial messages in trade-off of communication efficiency. While the simple short MAC scheme has the lowest fpr, one cannot choose arbitrary authenticator size. Bloom filter, randomized data structure often used for membership queries, can represent multiple MACs more flexibly with slightly higher fpr. Furthermore, compressed Bloom filter has the same fpr with the short MAC while maintaining its flexibility. Through our detailed analysis, we show that pros and cons of the three schemes are scenario specific. Therefore one can choose appropriate scheme under given parameters to achieve both communication efficiency and security based on our results.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.54 no.1
• /
• pp.3-10
• /
• 2017

Counting Bloom filters (CBFs) have been popularly used in many network algorithms and applications for the membership queries of dynamic sets, since CBFs can provide delete operations, which are not provided in a standard 1-bit vector Bloom filter. However, because of the counting functions, a CBF can have overflows and accordingly false negatives. CBFs composed of 4-bit counters are generally used, but the 4-bit CBF wastes memory spaces by allocating 4 bits for every counter. In this paper, we propose a simple alternative of a 4-bit CBF named ternary Bloom filter (TBF). In the proposed TBF structure, if two or more elements are mapped to a counter in programming, the counters are not used for insertion or deletion operations any more. When the TBF consumes the same amount of memory space as a 4-bit CBF, it is shown through simulation that the TBF provides a better false positive rate than the CBF as well as the TBF does not generate false negatives.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.8
• /
• pp.1890-1910
• /
• 2013

Routing overlay offers an ideal methodology to improve the end-to-end communication performance by deriving a backup path for any node pair. This paper focuses on a challenging issue of selecting a proper backup path to bypass the failures on the default path with high probability for any node pair. For existing backup path selection approaches, our trace-driven evaluation results demonstrate that the backup and default paths for any node pair overlap with high probability and hence usually fail simultaneously. Consequently, such approaches fail to derive a robust backup path that can take over in the presence of failure on the default path. In this paper, we propose a three-phase RBPS approach to identify a proper and robust backup path. It utilizes the traceroute probing approach to obtain the fine-grained topology information, and systematically employs the grid quorum system and the Bloom filter to reduce the resulting communication overhead. Two criteria, delay and fault-tolerant ability on average, of the backup path are proposed to evaluate the performance of our RBPS approach. Extensive trace-driven evaluations show that the fault-tolerant ability of the backup path can be improved by about 60%, while the delay gain ratio concentrated at 14% after replacing existing approaches with ours. Consequently, our approach can derive a more robust and available backup path for any node pair than existing approaches. This is more important than finding a backup path with the lowest delay compared to the default path for any node pair.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.5
• /
• pp.939-946
• /
• 2012

Recently privacy breaches has been an social issues. If we should encrypt the sensitive information in order to protect the database, the leakage of the personal sensitive data will be reduced for sure. In this paper, we analyzed the existing protection algorithms to protect the personal sensitive data and proposed the combined method using the bucket index method and the bloom filters. Bucket index method applied on tuples data encryption method is the most widely used algorithm. But this method has the disadvantages of the data exposure because of the bucket index value presented. So we proposed the combined data encryption method using bucket index and the bloom filter. Features of the proposed scheme are the improved search performance of data as well as the protection of the data exposure.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.6
• /
• pp.2115-2130
• /
• 2022

With the development of over-the-top (OTT) services, the demand for content is increasing, and you can easily and conveniently acquire various content in the online environment. As a result, copyrighted content can be easily copied and distributed, resulting in serious copyright infringement. Some special forms of online service providers (OSP) use filtering-based technologies to protect copyrights, but illegal uploaders use methods that bypass traditional filters. Uploading with a title that bypasses the filter cannot use a similar search method to detect illegal content. In this paper, we propose a technique for profiling the Heavy Uploader by normalizing the bypassed content title and efficiently detecting illegal content. First, the word is extracted from the normalized title and converted into a bit-array to detect illegal works. This Bloom Filter method has a characteristic that there are false positives but no false negatives. The false positive rate has a trade-off relationship with processing performance. As the false positive rate increases, the processing performance increases, and when the false positive rate decreases, the processing performance increases. We increased the detection rate by directly comparing the word to the result of increasing the false positive rate of the Bloom Filter. The processing time was also as fast as when the false positive rate was increased. Afterwards, we create a function that includes information about overall piracy and identify clustering-based heavy uploaders. Analyze the behavior of heavy uploaders to find the first uploader and detect the source site.