More Web Proxy on the site http://driver.im/

research-article

Preventing "bad" content dispersal in named data networking

Authors:

Chen TianAuthors Info & Claims

ACM TURC '17: Proceedings of the ACM Turing 50th Celebration Conference - China

Article No.: 37, Pages 1 - 8

https://doi.org/10.1145/3063955.3063993

Published: 12 May 2017 Publication History

Abstract

Named Data Networking (NDN) improves the data delivery efficiency by caching contents in routers. To prevent corrupted and faked contents be spread in the network, NDN routers should verify the digital signature of each published content. Since the verification scheme in NDN applies the asymmetric encryption algorithm to sign contents, the speed of content verification is too slow to satisfy the high speed requirement. In this paper, we propose two schemes to improve the verification performance of NDN routers to prevent content poisoning. The first content verification scheme, called "user-assisted", leads to the best performance, but can be by-passed if the clients and the content producer collude. To prevent the aforementioned collusion attack, we improve the user-assisted content verification scheme and propose the second content verification scheme, named "Router-Cooperation", in which the edge routers verify the contents independently without the assistance of users and the core routers no longer verify the contents. The Router-Cooperation verification scheme reduces the computing complexity of cryptographic operation by replacing the asymmetric encryption algorithm with symmetric encryption algorithm. The simulation results demonstrate that this Router-Cooperation scheme can speed up 145.5x (in hardware) and 18.85x (in software) of the original content verification scheme with merely extra transmission overhead.

References

[1]

Gergely Acs, Mauro Conti, Paolo Gasti, Cesar Ghali, and Gene Tsudik. 2013. Cache Privacy in Named-Data Networking. In Distributed Computing Systems (ICDCS), 2013 IEEE 33rd International Conference on. 41--51.

Digital Library

[2]

Giuseppe Bianchi, Andrea Detti, Alberto Caponi, and Nicola Blefari Melazzi. 2013. Check Before Storing: What is the Performance Price of Content Integrity Verification in LRU Caching? SIGCOMM Comput. Commun. Rev. 43, 3 (July 2013), 59--67.

Digital Library

[3]

Ian Clarke, Oskar Sandberg, Brandon Wiley, and Theodore W. Hong. 2000. Freenet: A Distributed Anonymous Information Storage and Retrieval System. 46--66 pages.

Digital Library

[4]

Mauro Conti, Paolo Gasti, and Marco Teoli. 2013. A lightweight mechanism for detection of cache pollution attacks in Named Data Networking. Computer Networks 57, 16 (2013), 3178 -- 3191.

Digital Library

[5]

Wei Dai. 2017. Crypto++ 5.6.0 Benchmark. (2017). http://www.cryptopp.com/benchmarks.html

[6]

A. Detti, A. Caponi, G. Tropea, G. Bianchi, and N. Blefari-Melazzi. 2013. On the interplay among naming, content validity and caching in Information Centric Networks. In Global Communications Conference (GLOBECOM), 2013 IEEE. 2108--2113.

[7]

Steve DiBenedetto, Paolo Gasti, Gene Tsudik, and Ersin Uzun. 2011. AN-DaNA: Anonymous Named Data Networking Application. CoRR abs/1112.2205 (2011).

[8]

P. Gasti, G. Tsudik, E. Uzun, and L. Zhang. 2012. DoS and DDoS in Named-Data Networking. ArXiv e-prints (Aug. 2012). arXiv:cs.NI/1208.0952

[9]

Van Jacobson, Diana K. Smetters, Nicholas H. Briggs, Michael F. Plass, Paul Stewart, James D. Thornton, and Rebecca L. Braynard. 2009. VoCCN: voice-over content-centric networks. In Proceedings of the 2009 workshop on Re-architecting the internet (ReArch '09). ACM, New York, NY, USA, 1--6.

Digital Library

[10]

Van Jacobson, Diana K. Smetters, James D. Thornton, Michael F. Plass, Nicholas H. Briggs, and Rebecca L. Braynard. 2009. Networking named content. In Proceedings of the 5th international conference on Emerging networking experiments and technologies (CoNEXT '09). ACM, 1--12.

Digital Library

[11]

John Kubiatowicz, David Bindel, Yan Chen, Steven E. Czerwinski, Patrick R. Eaton, Dennis Geels, Ramakrishna Gummadi, Sean C. Rhea, Hakim Weather-spoon, Westley Weimer, Chris Wells, and Ben Y. Zhao. 2000. OceanStore: an architecture for global-scale persistent storage. Sigplan Notices 35 (2000), 190--201. Issue 11.

Digital Library

[12]

Tobias Lauinger. 2010. Security & Scalability of Content-Centric Networking. (September 2010). http://tuprints.ulb.tu-darmstadt.de/2275/

[13]

Jun Li, Hao Wu, Bin Liu, Jianyuan Lu, Yi Wang, Xin Wang, Yan Yong Zhang, and Lijun Dong. 2012. Popularity-driven Coordinated Caching in Named Data Networking. In Proceedings of the Eighth ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS '12). ACM, New York, NY, USA, 15--26.

Digital Library

[14]

Qi Li, Xinwen Zhang, Qingji Zheng, R. Sandhu, and Xiaoming Fu. 2015. LIVE: Lightweight Integrity Verification and Content Access Control for Named Data Networking. Information Forensics and Security, IEEE Transactions on 10, 2 (Feb 2015), 308--320.

[15]

OpenMP. 2017. The OpenMP API specification for parallel programming. (2017). http://openmp.org

[16]

Bogdan C. Popescu, Maarten Van Steen, Bruno Crispo, Andrew S. Tanenbaum, Jan Sacha, and Ihor Kuz. 2005. Securely Replicated Web Documents. In International Parallel and Distributed Processing Symposium/International Parallel Processing Symposium.

Digital Library

[17]

E.J. Rosensweig, D.S. Menasche, and J. Kurose. 2013. On the steady-state of cache networks. In INFOCOM, 2013 Proceedings IEEE. 863--871.

[18]

Diana Smetters and Van Jacobson. 2009. Securing Network Content. (2009). https://www.parc.com/content/attachments/securing-network-content-tr.pdf

[19]

Yi Wang, Huichen Dai, Junchen Jiang, Keqiang He, Wei Meng, and Bin Liu. 2011. Parallel Name Lookup for Named Data Networking. In IEEE Global Telecommunications Conference (GLOBECOM). 1--5.

[20]

Yi Wang, Huichen Dai, Ting Zhang, Wei Meng, Jindou Fan, and Bin Liu. 2013. GPU-accelerated name lookup with component encoding. Computer Networks 57, 16 (2013), 3165 -- 3177.

Digital Library

[21]

Yi Wang, Keqiang He, Huichen Dai, Wei Meng, Junchen Jiang, Bin Liu, and Yan Chen. 2012. Scalable Name Lookup in NDN Using Effective Name Component Encoding. In IEEE 32nd International Conference on Distributed Computing Systems (ICDCS). 688--697.

Digital Library

[22]

Yi Wang, Tian Pan, Zhian Mi, Huichen Dai, Xiaoyu Guo, Ting Zhang, Bin Liu, and Qunfeng Dong. 2013. NameFilter: Achieving fast name lookup with low memory cost via applying two-stage Bloom filters. In INFOCOM 2013 mini conference, IEEE.

[23]

Yi Wang, Dongzhe Tai, Ting Zhang, Jianyuan Lu, Boyang Xu, Huichen Dai, and Bin Liu. 2013. Greedy Name Lookup for Named Data Networking. In Proceedings of the ACM SIGMETRICS/International Conference on Measurement and Modeling of Computer Systems (SIGMETRICS '13). ACM, New York, NY, USA, 359--360.

Digital Library

[24]

Yi Wang, Yuan Zu, Ting Zhang, Kunyang Peng, Qunfeng Dong, Bin Liu, Wei Meng, Huichen Dai, Xin Tian, Zhonghu Xu, Hao Wu, and Di Yang. 2013. Wire Speed Name Lookup: A GPU-based Approach. In Proceedings of the 10th USENIX Conference on Networked Systems Design and Implementation (nsdi' 13). USENIX Association, Berkeley, CA, USA, 199--212. http://dl.acm.org/citation.cfm?id=2482626.2482647

Digital Library

[25]

Hao Wu, Jun Li, Yi Wang, and Bin Liu. 2013. EMC: The Effective Multi-Path Caching Scheme for Named Data Networking. In Computer Communications and Networks (ICCCN), 2013 22nd International Conference on. 1--7.

[26]

Mengjun Xie, I. Widjaja, and Haining Wang. 2012. Enhancing cache robustness for content-centric networking. In INFOCOM, 2012 Proceedings IEEE. 24262434.

[27]

Cheng Yi, Alexander Afanasyev, Ilya Moiseenko, Lan Wang, Beichuan Zhang, and Lixia Zhang. 2013. A case for stateful forwarding plane. Computer Communications 36, 7 (2013), 779 -- 791. http://www.sciencedirect.com/science/article/pii/S0140366413000236

Digital Library

[28]

Haowei Yuan, Tian Song, and P. Crowley. 2012. Scalable NDN Forwarding: Concepts, Issues and Principles. In International Conference on Computer Communications and Networks (ICCCN). 1--9.

[29]

Lixia Zhang, Deborah Estrin, Jeffrey Burkeand, Van Jacobson, James D. Thornton, Ersin Uzun, and Baichuan Zhang. 2013. Named Data Networking (NDN) Project 2011 -- 2012 Annual Report. (2013). http://named-data.net/wp-content/uploads/2013/08/ndn-proj-pub.pdf

[30]

Lixia Zhang, Deborah Estrin, Van Jacobson, and Baichuan Zhang. 2010. Named Data Networking (NDN) Project. http://www.named-data.net/

[31]

Zhenkai Zhu, Sen Wang, Xu Yang, Van Jacobson, and Lixia Zhang. 2011. ACT: Audio Conference Tool over Named Data Networking. In Proceedings of the ACM SIGCOMM Workshop on Information-centric Networking (ICN '11). ACM, New York, NY, USA, 68--73.

Digital Library

Cited By

Kapetanidou IMendes PTsaoussidis V(2023)Enhancing Security in Information-Centric Ad Hoc NetworksNOMS 2023-2023 IEEE/IFIP Network Operations and Management Symposium10.1109/NOMS56928.2023.10154444(1-9)Online publication date: 8-May-2023
https://doi.org/10.1109/NOMS56928.2023.10154444
Shah MLeau YAnbar MBin-Salem A(2023)Security and Integrity Attacks in Named Data Networking: A SurveyIEEE Access10.1109/ACCESS.2023.323873211(7984-8004)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3238732
Qureshi AAnjum NRais RUr-Rehman MQayyum A(2021)Detection of malicious consumer interest packet with dynamic threshold valuesPeerJ Computer Science10.7717/peerj-cs.4357(e435)Online publication date: 17-Mar-2021
https://doi.org/10.7717/peerj-cs.435
Show More Cited By

Index Terms

Preventing "bad" content dispersal in named data networking
1. Networks
  1. Network algorithms
    1. Data path algorithms
      1. Packet scheduling
  2. Network performance evaluation
    1. Network experimentation

Recommendations

An efficient content source verification scheme for multi-receiver in NDN-based Internet of Things
Abstract
Internet of Things (IoT) is a heterogeneous environment where multiple devices/consumers can interest/request for the same chunk of content at the same time with the need for source authenticity. According to the current NDN policy, only one user ...
Named data networking on a router: forwarding at 20gbps and beyond

Named data networking (NDN) is a new networking paradigm using named data instead of named hosts for communication. Implementation of scalable NDN packet forwarding remains a challenge because NDN requires fast variable-length hierarchical name-based ...
A Partial Cache for Multimedia Content in Named Data Networking
PLATCON '15: Proceedings of the 2015 International Conference on Platform Technology and Service

Named Data Networking (NDN) is a novel transmission framework in future Internet. It is a content-centric network. The content is routed based on its unique name, not IP address in NDN. A NDN node broadcasts an interest packet with the requesting named ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

ACM TURC '17: Proceedings of the ACM Turing 50th Celebration Conference - China

May 2017

371 pages

ISBN:9781450348737

DOI:10.1145/3063955

Conference Chairs:
John Lui
The Chinese University of Hong Kong
,
Xinbing Wang
Shanghai Jiao Tong University
,
General Chairs:
Alexander Wolf
University of California, Santa Cruz
,
Yunhao Liu
Tsinghua University, China
,
Chuanping Hu
The Third Research Institute of MPS, China

Copyright © 2017 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 12 May 2017

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

ACM TUR-C '17

ACM TUR-C '17: ACM Turing 50th Celebration Conference - China

May 12 - 14, 2017

Shanghai, China

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
150
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)1

Reflects downloads up to 31 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Kapetanidou IMendes PTsaoussidis V(2023)Enhancing Security in Information-Centric Ad Hoc NetworksNOMS 2023-2023 IEEE/IFIP Network Operations and Management Symposium10.1109/NOMS56928.2023.10154444(1-9)Online publication date: 8-May-2023
https://doi.org/10.1109/NOMS56928.2023.10154444
Shah MLeau YAnbar MBin-Salem A(2023)Security and Integrity Attacks in Named Data Networking: A SurveyIEEE Access10.1109/ACCESS.2023.323873211(7984-8004)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3238732
Qureshi AAnjum NRais RUr-Rehman MQayyum A(2021)Detection of malicious consumer interest packet with dynamic threshold valuesPeerJ Computer Science10.7717/peerj-cs.4357(e435)Online publication date: 17-Mar-2021
https://doi.org/10.7717/peerj-cs.435
Tran CTourani RMisra SMachacek TPanwar GCarofiglio GOran DOtt JWang L(2021)Analyzing GDPR compliance of named data networkingProceedings of the 8th ACM Conference on Information-Centric Networking10.1145/3460417.3482979(107-117)Online publication date: 22-Sep-2021
https://dl.acm.org/doi/10.1145/3460417.3482979
Kapetanidou ISarros CTsaoussidis V(2019)Reputation-Based Trust Approaches in Named Data NetworkingFuture Internet10.3390/fi1111024111:11(241)Online publication date: 18-Nov-2019
https://doi.org/10.3390/fi11110241
Cui WLi YZhang YLiu CZhan M(2019)An Ant Colony Algorithm Based Content Poisoning Mitigation in Named Data Networking2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)10.1109/TrustCom/BigDataSE.2019.00032(176-183)Online publication date: Aug-2019
https://doi.org/10.1109/TrustCom/BigDataSE.2019.00032
Cui WLi YXin YLiu C(2018)Feedback-Based Content Poisoning Mitigation in Named Data Networking2018 IEEE Symposium on Computers and Communications (ISCC)10.1109/ISCC.2018.8538609(00759-00765)Online publication date: Jun-2018
https://doi.org/10.1109/ISCC.2018.8538609
Kang HZhu YTao YYang J(2018)An in-network collaborative verification mechanism for defending content poisoning in Named Data Networking2018 1st IEEE International Conference on Hot Information-Centric Networking (HotICN)10.1109/HOTICN.2018.8606003(46-50)Online publication date: Aug-2018
https://doi.org/10.1109/HOTICN.2018.8606003
C PA R V(undefined)Security Challenges in NDN Based Underwater Wireless Sensor Networks: An OverviewSSRN Electronic Journal10.2139/ssrn.3734734
https://doi.org/10.2139/ssrn.3734734

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten