Biblio

The wide adoption of Bloom filters makes their security an important issue to be addressed. For example, an attacker can increase their error rate through polluting and eventually saturating the filter by inserting elements that set to one a large number of positions in the filter. This is known as a pollution attack and requires that the attacker knows the hash functions used to construct the filter. Such information is not available in many practical settings and in addition a simple protection can be achieved through using a random salt in the hash functions. The same pollution attacks can also be done to counting Bloom filters that in addition to insertions and lookups support removals. This paper considers pollution attacks on counting Bloom filters. We describe two novel pollution attacks that do not require any knowledge of the counting Bloom filter implementation details and evaluate them. These methods show that a counting Bloom filter is vulnerable to pollution attacks even when the attacker has only access to the filter as a black box to perform insertions, removals, and lookups.

Network coding (NC) can significantly increase network performance and make lossy networks more reliable. Since the middle nodes modify the packets during their path to destination, integrity of the original packets cannot be checked using classical methods (MACs, Signatures, etc). Though, pollution attacks are the most common threat to network coded systems, where an infected node can inject the data flow of a network with a number of false packets and ban the receiver from properly decoding the packets. A lot of work in the security of NC in resisting pollution attacks has been investigated in recent years, majority have the same security parameter 1/q. A Homomorphic MAC scheme is presented earlier to resist pollution attacks with a security level 1/qˆl, In this paper, we will show that the mentioned scheme is subject to known-plaintext attacks. This is due to that part of the key can be revealed in an initial process. Also, the whole key could be revealed if the key is used more than once. Then, a modification to the mentioned scheme is proposed to overcome this issue. Besides, the MAC length is adjustable according to the required security level and not variable according to the vector's length which will accordingly increase the performance and efficiency of the scheme.

We consider Delay Tolerant Mobile Social Networks (DTMSNs), made of wireless nodes with intermittent connections and clustered into social communities. The lack of infrastructure and its reliance on nodes' mobility make routing a challenge. Network Coding (NC) is a generalization of routing and has been shown to bring a number of advantages over routing. We consider the problem of pollution attacks in these networks, that are a very important issue both for NC and for DTMSNs. Our first contribution is to propose a protocol which allows controlling adversary's capacity by combining cryptographic hash dissemination and error-correction to ensure message recovery at the receiver. Our second contribution is the modeling of the performance of such a protection scheme. To do so, we adapt an inter-session NC model based on a fluid approximation of the dissemination process. We provide a numerical validation of the model. We are eventually able to provide a workflow to set the correct parameters and counteract the attacks. We conclude by highlighting how these contributions can help secure a real-world DTMSN application (e.g., a smart-phone app.).