Attacking Adaptive Cuckoo Filters: Too Much Adaptation Can Kill You

Abstract

Adaptation has recently been proposed to reduce the false positive rate of approximate membership check filters for applications in which the same elements are checked multiple times. Its operational principle is to adapt the filter when a false positive occurs for a given element, such that subsequent checks of that element do not cause a positive result (as beneficial for example in networking). Security is an important consideration for approximate membership check filters and several attacks have been described in the literature; therefore, it is of interest to study the security of adaptive filters. In this paper, we consider adaptive cuckoo filters and show that an attacker can generate sequences of lookups that cause the filter to continuously adapt and not being able to remove the false positives. This degrades the filter performance due to the adaptation overhead; it also makes it harder for other false positives to be removed, because adaptation can be monopolized by the attacker. This can be done when the attacker has only a black-box access to the filter being able to perform lookups but with no knowledge of the implementation of the filter. The proposed attacks have been implemented and tested to validate their effectiveness in terms of the construction of the attack set and the impact of the attack itself. The evaluation results confirm that adaptation unfortunately increases the attack surface of filters and new mechanisms to protect them should be developed.