Information-leakage in NDN: Detecting anomalous names

Daishi Kondo, Thomas Silverston, Hideki Tode, Tohru Asami, Perrin Olivier

Research output: Contribution to journalArticle

Abstract

Information leakage is one the main security threats in today's Internet. It can have a significant impact on companies especially by reducing profits and destroying reputations. As Named-Data Networking (NDN) is a promising alternative for the future internet, it is essential to prevent this security threat. NDN relies on a new networking paradigm based on content name. Indeed, today's users are interested in content and not location, and there is a need for a shift from a host-to-host communication paradigm to a host-to-content one. NDN content names are defined with the traditional URL format commonly used in the Internet. In this work, we propose a novel filtering technique to detect packets with malicious names. Indeed, malicious names are more likely to be generated by malwares through "Targeted Attacks" in order to leak out information from legitimate networks. The filters will be used for the NDN firewall as they cannot rely on IP address anymore. We have performed a comprehensive statistical study of URLs based on extensive crawling experiments of main Web organizations. From our experiments, we have derived filters, which were able to detect 15% of malicious names in our data set. This is an essential step towards preventing information leakage in NDN.

Original languageEnglish
Pages (from-to)43-46
Number of pages4
JournalASM Science Journal
Volume2017
Issue numberSpecialissue1
Publication statusPublished - 2017 Jan 1
Externally publishedYes

Fingerprint

Internet
Websites
World Wide Web
Profitability
Experiments
Communication
Industry
Malware

ASJC Scopus subject areas

  • General

Cite this

Kondo, D., Silverston, T., Tode, H., Asami, T., & Olivier, P. (2017). Information-leakage in NDN: Detecting anomalous names. ASM Science Journal, 2017(Specialissue1), 43-46.

Information-leakage in NDN : Detecting anomalous names. / Kondo, Daishi; Silverston, Thomas; Tode, Hideki; Asami, Tohru; Olivier, Perrin.

In: ASM Science Journal, Vol. 2017, No. Specialissue1, 01.01.2017, p. 43-46.

Research output: Contribution to journalArticle

Kondo, D, Silverston, T, Tode, H, Asami, T & Olivier, P 2017, 'Information-leakage in NDN: Detecting anomalous names', ASM Science Journal, vol. 2017, no. Specialissue1, pp. 43-46.
Kondo D, Silverston T, Tode H, Asami T, Olivier P. Information-leakage in NDN: Detecting anomalous names. ASM Science Journal. 2017 Jan 1;2017(Specialissue1):43-46.
Kondo, Daishi ; Silverston, Thomas ; Tode, Hideki ; Asami, Tohru ; Olivier, Perrin. / Information-leakage in NDN : Detecting anomalous names. In: ASM Science Journal. 2017 ; Vol. 2017, No. Specialissue1. pp. 43-46.
@article{d76616a946c948109e237c485c55cffa,
title = "Information-leakage in NDN: Detecting anomalous names",
abstract = "Information leakage is one the main security threats in today's Internet. It can have a significant impact on companies especially by reducing profits and destroying reputations. As Named-Data Networking (NDN) is a promising alternative for the future internet, it is essential to prevent this security threat. NDN relies on a new networking paradigm based on content name. Indeed, today's users are interested in content and not location, and there is a need for a shift from a host-to-host communication paradigm to a host-to-content one. NDN content names are defined with the traditional URL format commonly used in the Internet. In this work, we propose a novel filtering technique to detect packets with malicious names. Indeed, malicious names are more likely to be generated by malwares through {"}Targeted Attacks{"} in order to leak out information from legitimate networks. The filters will be used for the NDN firewall as they cannot rely on IP address anymore. We have performed a comprehensive statistical study of URLs based on extensive crawling experiments of main Web organizations. From our experiments, we have derived filters, which were able to detect 15{\%} of malicious names in our data set. This is an essential step towards preventing information leakage in NDN.",
author = "Daishi Kondo and Thomas Silverston and Hideki Tode and Tohru Asami and Perrin Olivier",
year = "2017",
month = "1",
day = "1",
language = "English",
volume = "2017",
pages = "43--46",
journal = "ASM Science Journal",
issn = "1823-6782",
publisher = "Akademi Sains Malaysia",
number = "Specialissue1",

}

TY - JOUR

T1 - Information-leakage in NDN

T2 - Detecting anomalous names

AU - Kondo, Daishi

AU - Silverston, Thomas

AU - Tode, Hideki

AU - Asami, Tohru

AU - Olivier, Perrin

PY - 2017/1/1

Y1 - 2017/1/1

N2 - Information leakage is one the main security threats in today's Internet. It can have a significant impact on companies especially by reducing profits and destroying reputations. As Named-Data Networking (NDN) is a promising alternative for the future internet, it is essential to prevent this security threat. NDN relies on a new networking paradigm based on content name. Indeed, today's users are interested in content and not location, and there is a need for a shift from a host-to-host communication paradigm to a host-to-content one. NDN content names are defined with the traditional URL format commonly used in the Internet. In this work, we propose a novel filtering technique to detect packets with malicious names. Indeed, malicious names are more likely to be generated by malwares through "Targeted Attacks" in order to leak out information from legitimate networks. The filters will be used for the NDN firewall as they cannot rely on IP address anymore. We have performed a comprehensive statistical study of URLs based on extensive crawling experiments of main Web organizations. From our experiments, we have derived filters, which were able to detect 15% of malicious names in our data set. This is an essential step towards preventing information leakage in NDN.

AB - Information leakage is one the main security threats in today's Internet. It can have a significant impact on companies especially by reducing profits and destroying reputations. As Named-Data Networking (NDN) is a promising alternative for the future internet, it is essential to prevent this security threat. NDN relies on a new networking paradigm based on content name. Indeed, today's users are interested in content and not location, and there is a need for a shift from a host-to-host communication paradigm to a host-to-content one. NDN content names are defined with the traditional URL format commonly used in the Internet. In this work, we propose a novel filtering technique to detect packets with malicious names. Indeed, malicious names are more likely to be generated by malwares through "Targeted Attacks" in order to leak out information from legitimate networks. The filters will be used for the NDN firewall as they cannot rely on IP address anymore. We have performed a comprehensive statistical study of URLs based on extensive crawling experiments of main Web organizations. From our experiments, we have derived filters, which were able to detect 15% of malicious names in our data set. This is an essential step towards preventing information leakage in NDN.

UR - http://www.scopus.com/inward/record.url?scp=85026556643&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85026556643&partnerID=8YFLogxK

M3 - Article

AN - SCOPUS:85026556643

VL - 2017

SP - 43

EP - 46

JO - ASM Science Journal

JF - ASM Science Journal

SN - 1823-6782

IS - Specialissue1

ER -