On the vulnerability of hardware hash tables to sophisticated attacks

Udi Ben-Porat; Anat Bremler-Barr; Hanoch Levy; Bernhard Plattner

doi:https://doi.org/10.1007/978-3-642-30045-5_11

On the vulnerability of hardware hash tables to sophisticated attacks

Udi Ben-Porat, Anat Bremler-Barr, Hanoch Levy, Bernhard Plattner

School of Computer Science

Tel Aviv University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Peacock and Cuckoo hashing schemes are currently the most studied hash implementations for hardware network systems (such as NIDS, Firewalls, etc.). In this work we evaluate their vulnerability to sophisticated complexity Denial of Service (DoS) attacks. We show that an attacker can use insertion of carefully selected keys to hit the Peacock and Cuckoo hashing schemes at their weakest points. For the Peacock Hashing, we show that after the attacker fills up only a fraction (typically 5% - 10%) of the buckets, the table completely loses its ability to handle collisions, causing the discard rate (of new keys) to increase dramatically (100 - 1,800 times higher). For the Cuckoo Hashing, we show an attack that can impose on the system an excessive number of memory accesses and degrade its performance. We analyze the vulnerability of the system as a function of the critical parameters and provide simulations results as well.

Original language	English
Title of host publication	NETWORKING 2012 - 11th International IFIP TC 6 Networking Conference, Proceedings
Pages	135-148
Number of pages	14
Edition	PART 1
DOIs	https://doi.org/10.1007/978-3-642-30045-5_11
State	Published - 2012
Event	11th International IFIP TC 6 Networking Conference, NETWORKING 2012 - Prague, Czech Republic Duration: 21 May 2012 → 25 May 2012

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Number	PART 1
Volume	7289 LNCS

Conference

Conference	11th International IFIP TC 6 Networking Conference, NETWORKING 2012
Country/Territory	Czech Republic
City	Prague
Period	21/05/12 → 25/05/12

All Science Journal Classification (ASJC) codes

Theoretical Computer Science
General Computer Science

Access to Document

https://doi.org/10.1007/978-3-642-30045-5_11

Cite this

Ben-Porat, U., Bremler-Barr, A., Levy, H., & Plattner, B. (2012). On the vulnerability of hardware hash tables to sophisticated attacks. In NETWORKING 2012 - 11th International IFIP TC 6 Networking Conference, Proceedings (PART 1 ed., pp. 135-148). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7289 LNCS, No. PART 1). https://doi.org/10.1007/978-3-642-30045-5_11

Ben-Porat, Udi ; Bremler-Barr, Anat ; Levy, Hanoch et al. / On the vulnerability of hardware hash tables to sophisticated attacks. NETWORKING 2012 - 11th International IFIP TC 6 Networking Conference, Proceedings. PART 1. ed. 2012. pp. 135-148 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); PART 1).

@inproceedings{b1cc0675efbc4c80916c095ca8915cce,

title = "On the vulnerability of hardware hash tables to sophisticated attacks",

abstract = "Peacock and Cuckoo hashing schemes are currently the most studied hash implementations for hardware network systems (such as NIDS, Firewalls, etc.). In this work we evaluate their vulnerability to sophisticated complexity Denial of Service (DoS) attacks. We show that an attacker can use insertion of carefully selected keys to hit the Peacock and Cuckoo hashing schemes at their weakest points. For the Peacock Hashing, we show that after the attacker fills up only a fraction (typically 5% - 10%) of the buckets, the table completely loses its ability to handle collisions, causing the discard rate (of new keys) to increase dramatically (100 - 1,800 times higher). For the Cuckoo Hashing, we show an attack that can impose on the system an excessive number of memory accesses and degrade its performance. We analyze the vulnerability of the system as a function of the critical parameters and provide simulations results as well.",

author = "Udi Ben-Porat and Anat Bremler-Barr and Hanoch Levy and Bernhard Plattner",

year = "2012",

doi = "https://doi.org/10.1007/978-3-642-30045-5_11",

language = "الإنجليزيّة",

isbn = "9783642300448",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

number = "PART 1",

pages = "135--148",

booktitle = "NETWORKING 2012 - 11th International IFIP TC 6 Networking Conference, Proceedings",

edition = "PART 1",

note = "11th International IFIP TC 6 Networking Conference, NETWORKING 2012 ; Conference date: 21-05-2012 Through 25-05-2012",

}

Ben-Porat, U, Bremler-Barr, A, Levy, H & Plattner, B 2012, On the vulnerability of hardware hash tables to sophisticated attacks. in NETWORKING 2012 - 11th International IFIP TC 6 Networking Conference, Proceedings. PART 1 edn, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), no. PART 1, vol. 7289 LNCS, pp. 135-148, 11th International IFIP TC 6 Networking Conference, NETWORKING 2012, Prague, Czech Republic, 21/05/12. https://doi.org/10.1007/978-3-642-30045-5_11

On the vulnerability of hardware hash tables to sophisticated attacks. / Ben-Porat, Udi; Bremler-Barr, Anat; Levy, Hanoch et al.
NETWORKING 2012 - 11th International IFIP TC 6 Networking Conference, Proceedings. PART 1. ed. 2012. p. 135-148 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7289 LNCS, No. PART 1).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - On the vulnerability of hardware hash tables to sophisticated attacks

AU - Ben-Porat, Udi

AU - Bremler-Barr, Anat

AU - Levy, Hanoch

AU - Plattner, Bernhard

PY - 2012

Y1 - 2012

N2 - Peacock and Cuckoo hashing schemes are currently the most studied hash implementations for hardware network systems (such as NIDS, Firewalls, etc.). In this work we evaluate their vulnerability to sophisticated complexity Denial of Service (DoS) attacks. We show that an attacker can use insertion of carefully selected keys to hit the Peacock and Cuckoo hashing schemes at their weakest points. For the Peacock Hashing, we show that after the attacker fills up only a fraction (typically 5% - 10%) of the buckets, the table completely loses its ability to handle collisions, causing the discard rate (of new keys) to increase dramatically (100 - 1,800 times higher). For the Cuckoo Hashing, we show an attack that can impose on the system an excessive number of memory accesses and degrade its performance. We analyze the vulnerability of the system as a function of the critical parameters and provide simulations results as well.

AB - Peacock and Cuckoo hashing schemes are currently the most studied hash implementations for hardware network systems (such as NIDS, Firewalls, etc.). In this work we evaluate their vulnerability to sophisticated complexity Denial of Service (DoS) attacks. We show that an attacker can use insertion of carefully selected keys to hit the Peacock and Cuckoo hashing schemes at their weakest points. For the Peacock Hashing, we show that after the attacker fills up only a fraction (typically 5% - 10%) of the buckets, the table completely loses its ability to handle collisions, causing the discard rate (of new keys) to increase dramatically (100 - 1,800 times higher). For the Cuckoo Hashing, we show an attack that can impose on the system an excessive number of memory accesses and degrade its performance. We analyze the vulnerability of the system as a function of the critical parameters and provide simulations results as well.

UR - http://www.scopus.com/inward/record.url?scp=84861658039&partnerID=8YFLogxK

U2 - https://doi.org/10.1007/978-3-642-30045-5_11

DO - https://doi.org/10.1007/978-3-642-30045-5_11

M3 - منشور من مؤتمر

SN - 9783642300448

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 135

EP - 148

BT - NETWORKING 2012 - 11th International IFIP TC 6 Networking Conference, Proceedings

T2 - 11th International IFIP TC 6 Networking Conference, NETWORKING 2012

Y2 - 21 May 2012 through 25 May 2012

ER -

Ben-Porat U, Bremler-Barr A, Levy H, Plattner B. On the vulnerability of hardware hash tables to sophisticated attacks. In NETWORKING 2012 - 11th International IFIP TC 6 Networking Conference, Proceedings. PART 1 ed. 2012. p. 135-148. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); PART 1). doi: https://doi.org/10.1007/978-3-642-30045-5_11

On the vulnerability of hardware hash tables to sophisticated attacks

Abstract

Publication series

Conference

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this