Replay Attack Detection Using Bloom Filters

Even with widespread encryption and traffic signing in modern networks, certain challenges persist. Replay attacks, in particular, pose significant risks by causing unintended consequences in application protocols, and can be very difficult to detect without modifying the underlying protocols. Relying solely on the application layer to identify duplicate messages may be insufficient. This work explored the use of Bloom filters as a potential space- and time-efficient solution for detecting duplicate messages in network traffic. However, after a thorough analysis of the key aspects and parameters of various Bloom filter implementations, it was determined that this approach is neither practical nor scalable within the memory constraints of current networking hardware.