Name anomaly detection for ICN

Daishi Kondo, Thomas Silverston, Hideki Tode, Tohru Asami, Olivier Perrin

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Citations (Scopus)

Abstract

Information leakages are one of the main security threats in today's Internet. As ICN is expected to become the core architecture for Future Internet, it is therefore mandatory to prevent this threat. This paper proves that some ICN configuration prevents information leakages via Data packets and shows that it is an open problem to prevent interest packets from carrying encoded crucial information in their names. Assuming that names in ICN will follow the current URL format commonly used in the Internet, we get the statistics of web URL based on extensive crawling experiments of main internet organizations. Then we propose a simple filtering technique based on these statistics for firewall to detect anomalous names in ICN. The experiment shows that our filtering technique recognizes 15% of names in our dataset as malicious. As the false positive rate is still high for this filter to be used in a real world operation, this work is an important step for detecting anomalous names and preventing information-leakage in ICN.

Original languageEnglish
Title of host publicationIEEE LANMAN 2016 - 22nd IEEE International Symposium on Local and Metropolitan Area Networks
PublisherIEEE Computer Society
Volume2016-August
ISBN (Electronic)9781467398824
DOIs
Publication statusPublished - 2016 Aug 22
Externally publishedYes
Event22nd IEEE International Symposium on Local and Metropolitan Area Networks, IEEE LANMAN 2016 - Rome, Italy
Duration: 2016 Jun 132016 Jun 15

Other

Other22nd IEEE International Symposium on Local and Metropolitan Area Networks, IEEE LANMAN 2016
CountryItaly
CityRome
Period16/6/1316/6/15

Fingerprint

Internet
Websites
Statistics
statistics
threat
World Wide Web
experiment
Experiments

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software
  • Electrical and Electronic Engineering
  • Communication

Cite this

Kondo, D., Silverston, T., Tode, H., Asami, T., & Perrin, O. (2016). Name anomaly detection for ICN. In IEEE LANMAN 2016 - 22nd IEEE International Symposium on Local and Metropolitan Area Networks (Vol. 2016-August). [7548854] IEEE Computer Society. https://doi.org/10.1109/LANMAN.2016.7548854

Name anomaly detection for ICN. / Kondo, Daishi; Silverston, Thomas; Tode, Hideki; Asami, Tohru; Perrin, Olivier.

IEEE LANMAN 2016 - 22nd IEEE International Symposium on Local and Metropolitan Area Networks. Vol. 2016-August IEEE Computer Society, 2016. 7548854.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Kondo, D, Silverston, T, Tode, H, Asami, T & Perrin, O 2016, Name anomaly detection for ICN. in IEEE LANMAN 2016 - 22nd IEEE International Symposium on Local and Metropolitan Area Networks. vol. 2016-August, 7548854, IEEE Computer Society, 22nd IEEE International Symposium on Local and Metropolitan Area Networks, IEEE LANMAN 2016, Rome, Italy, 16/6/13. https://doi.org/10.1109/LANMAN.2016.7548854
Kondo D, Silverston T, Tode H, Asami T, Perrin O. Name anomaly detection for ICN. In IEEE LANMAN 2016 - 22nd IEEE International Symposium on Local and Metropolitan Area Networks. Vol. 2016-August. IEEE Computer Society. 2016. 7548854 https://doi.org/10.1109/LANMAN.2016.7548854
Kondo, Daishi ; Silverston, Thomas ; Tode, Hideki ; Asami, Tohru ; Perrin, Olivier. / Name anomaly detection for ICN. IEEE LANMAN 2016 - 22nd IEEE International Symposium on Local and Metropolitan Area Networks. Vol. 2016-August IEEE Computer Society, 2016.
@inproceedings{ac97a80849ea4f5f8e6403b4c88c52fa,
title = "Name anomaly detection for ICN",
abstract = "Information leakages are one of the main security threats in today's Internet. As ICN is expected to become the core architecture for Future Internet, it is therefore mandatory to prevent this threat. This paper proves that some ICN configuration prevents information leakages via Data packets and shows that it is an open problem to prevent interest packets from carrying encoded crucial information in their names. Assuming that names in ICN will follow the current URL format commonly used in the Internet, we get the statistics of web URL based on extensive crawling experiments of main internet organizations. Then we propose a simple filtering technique based on these statistics for firewall to detect anomalous names in ICN. The experiment shows that our filtering technique recognizes 15{\%} of names in our dataset as malicious. As the false positive rate is still high for this filter to be used in a real world operation, this work is an important step for detecting anomalous names and preventing information-leakage in ICN.",
author = "Daishi Kondo and Thomas Silverston and Hideki Tode and Tohru Asami and Olivier Perrin",
year = "2016",
month = "8",
day = "22",
doi = "10.1109/LANMAN.2016.7548854",
language = "English",
volume = "2016-August",
booktitle = "IEEE LANMAN 2016 - 22nd IEEE International Symposium on Local and Metropolitan Area Networks",
publisher = "IEEE Computer Society",

}

TY - GEN

T1 - Name anomaly detection for ICN

AU - Kondo, Daishi

AU - Silverston, Thomas

AU - Tode, Hideki

AU - Asami, Tohru

AU - Perrin, Olivier

PY - 2016/8/22

Y1 - 2016/8/22

N2 - Information leakages are one of the main security threats in today's Internet. As ICN is expected to become the core architecture for Future Internet, it is therefore mandatory to prevent this threat. This paper proves that some ICN configuration prevents information leakages via Data packets and shows that it is an open problem to prevent interest packets from carrying encoded crucial information in their names. Assuming that names in ICN will follow the current URL format commonly used in the Internet, we get the statistics of web URL based on extensive crawling experiments of main internet organizations. Then we propose a simple filtering technique based on these statistics for firewall to detect anomalous names in ICN. The experiment shows that our filtering technique recognizes 15% of names in our dataset as malicious. As the false positive rate is still high for this filter to be used in a real world operation, this work is an important step for detecting anomalous names and preventing information-leakage in ICN.

AB - Information leakages are one of the main security threats in today's Internet. As ICN is expected to become the core architecture for Future Internet, it is therefore mandatory to prevent this threat. This paper proves that some ICN configuration prevents information leakages via Data packets and shows that it is an open problem to prevent interest packets from carrying encoded crucial information in their names. Assuming that names in ICN will follow the current URL format commonly used in the Internet, we get the statistics of web URL based on extensive crawling experiments of main internet organizations. Then we propose a simple filtering technique based on these statistics for firewall to detect anomalous names in ICN. The experiment shows that our filtering technique recognizes 15% of names in our dataset as malicious. As the false positive rate is still high for this filter to be used in a real world operation, this work is an important step for detecting anomalous names and preventing information-leakage in ICN.

UR - http://www.scopus.com/inward/record.url?scp=84987735525&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84987735525&partnerID=8YFLogxK

U2 - 10.1109/LANMAN.2016.7548854

DO - 10.1109/LANMAN.2016.7548854

M3 - Conference contribution

AN - SCOPUS:84987735525

VL - 2016-August

BT - IEEE LANMAN 2016 - 22nd IEEE International Symposium on Local and Metropolitan Area Networks

PB - IEEE Computer Society

ER -