Abstract
Many recent mobile devices have CPU units comparable to desktop computers while the storage capacity they offer is significantly reduced, often by a factor of one hundred. This restriction is crucial for most current blacklisting solutions which have good performance but suffer from large memory consumption. In order to improve the situation, we propose a novel blacklisting solution operating on compressed lists. For compression, we adapt the tabular Quine-McCluskey algorithm based on the concept of reduced masks. This guarantees that the compressed blacklist is never larger than the original one. For l entries in the blacklist and k prime implicants with the highest degree n our optimized top-down reduction algorithm requires at most k + l + 2n memory instead of kl. Evaluations prove that the space efficient network address blacklisting on compressed data can save up to 74,43% memory space.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Brayton, R.K.: Logic minimization algorithms for VLSI synthesis. Kluwer Academic (1984)
Chandra, A., Markowsky, G.: On the number of prime implicants. Discrete Mathematics 24, 7–11 (1978)
Coudert, O.: Two-level logic minimization: an overview. Integration, the VLSI Journal 17(2), 97–140 (1994)
Dagenais, M.R., Agarwal, V.K., Rumin, N.C.: Mcboole: A new procedure for exact logic minimization. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 5(1), 229–238 (1986)
Herrero, A., Zurutuza, U., Corchado, E.: A neural-visualization ids for honeynet data. International Journal of Neural Systems 22(2) (2012)
Hlavička, J., Fišer, P.: Boom: A heuristic boolean minimizer. In: Proceedings of the 2001 IEEE/ACM International Conference on Computer-aided Design, pp. 439–442. IEEE (2001)
Jain, T.K., Kushwaha, D.S., Misra, A.K.: Optimization of the quine-mccluskey method for the minimization of the boolean expressions. In: Fourth International Conference on Autonomic and Autonomous Systems, ICAS 2008, pp. 165–168. IEEE (2008)
NiX Spam project. Dns-based blacklist of nix spam, http://www.dnsbl.manitu.net
Quine, W.V.: A way to simplify truth functions. American Mathematical Monthly, 627–631 (1955)
Ruiz-Sánchez, M.Á., Biersack, E.W., Dabbous, W.: Survey and taxonomy of ip address lookup algorithms. IEEE Network 15(2), 8–23 (2001)
Thames, L., Abler, R., Keeling, D.: Bit vector algorithms enabling high-speed and memory-efficient firewall blacklisting. In: Proceedings of the 47th Annual Southeast Regional Conference, p. 22. ACM (2009)
The Internet Assigned Numbers Authority (IANA). Service name and transport protocol port number registry, http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml
Theobald, M., Nowick, S.M., Wu, T.: Espresso-hf: A heuristic hazard-free minimizer for two-level logic. In: Proceedings of the 33rd Annual Design Automation Conference, pp. 71–76. ACM (1996)
Ullrich, J.: Dshield global worst offender list, https://feeds.dshield.org/block.txt
Zhang, J., Porras, P.A., Ullrich, J.: Highly predictive blacklisting. In: USENIX Security Symposium, pp. 107–122. ACM (2008)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Kühnel, M., Meyer, U. (2014). Highly Space Efficient Blacklisting. In: de la Puerta, J., et al. International Joint Conference SOCO’14-CISIS’14-ICEUTE’14. Advances in Intelligent Systems and Computing, vol 299. Springer, Cham. https://doi.org/10.1007/978-3-319-07995-0_48
Download citation
DOI: https://doi.org/10.1007/978-3-319-07995-0_48
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-07994-3
Online ISBN: 978-3-319-07995-0
eBook Packages: EngineeringEngineering (R0)