On the vulnerability of hardware hash tables to sophisticated attacks

Udi Ben-Porat, Anat Bremler-Barr, Hanoch Levy, Bernhard Plattner

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Peacock and Cuckoo hashing schemes are currently the most studied hash implementations for hardware network systems (such as NIDS, Firewalls, etc.). In this work we evaluate their vulnerability to sophisticated complexity Denial of Service (DoS) attacks. We show that an attacker can use insertion of carefully selected keys to hit the Peacock and Cuckoo hashing schemes at their weakest points. For the Peacock Hashing, we show that after the attacker fills up only a fraction (typically 5% - 10%) of the buckets, the table completely loses its ability to handle collisions, causing the discard rate (of new keys) to increase dramatically (100 - 1,800 times higher). For the Cuckoo Hashing, we show an attack that can impose on the system an excessive number of memory accesses and degrade its performance. We analyze the vulnerability of the system as a function of the critical parameters and provide simulations results as well.

Original languageEnglish
Title of host publicationNETWORKING 2012 - 11th International IFIP TC 6 Networking Conference, Proceedings
Pages135-148
Number of pages14
EditionPART 1
DOIs
StatePublished - 2012
Event11th International IFIP TC 6 Networking Conference, NETWORKING 2012 - Prague, Czech Republic
Duration: 21 May 201225 May 2012

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
NumberPART 1
Volume7289 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference11th International IFIP TC 6 Networking Conference, NETWORKING 2012
Country/TerritoryCzech Republic
CityPrague
Period21/05/1225/05/12

Fingerprint

Dive into the research topics of 'On the vulnerability of hardware hash tables to sophisticated attacks'. Together they form a unique fingerprint.

Cite this