Abstract
Information-leakage is one of the most important security issues in the current Internet. In Named-Data Networking (NDN), Interest names introduce novel vulnerabilities that can be exploited. By setting up a malware, Interest names can be used to encode critical information (steganography embedded) and to leak information out of the network by generating anomalous Interest traffic. This security threat based on Interest names does not exist in IP network, and it is essential to solve this issue to secure the NDN architecture. This paper performs risk analysis of information-leakage in NDN. We first describe vulnerabilities with Interest names and, as countermeasures, we propose a name-based filter using search engine information, and another filter using one-class Support Vector Machine (SVM). We collected URLs from the data repository provided by Common Crawl and we evaluate the performances of our per-packet filters. We show that our filters can choke drastically the throughput of information-leakage, which makes it easier to detect anomalous Interest traffic. It is therefore possible to mitigate information-leakage in NDN network and it is a strong incentive for future deployment of this architecture at the Internet scale.
| Original language | English |
|---|---|
| Title of host publication | 2017 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2017 |
| Publisher | Institute of Electrical and Electronics Engineers Inc. |
| Pages | 360-365 |
| Number of pages | 6 |
| ISBN (Electronic) | 9781538627846 |
| DOIs | |
| Publication status | Published - 2017 Nov 20 |
| Externally published | Yes |
| Event | 2017 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2017 - Atlanta, United States Duration: 2017 May 1 → 2017 May 4 |
Other
| Other | 2017 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2017 |
|---|---|
| Country | United States |
| City | Atlanta |
| Period | 17/5/1 → 17/5/4 |
Fingerprint
ASJC Scopus subject areas
- Hardware and Architecture
- Control and Optimization
- Artificial Intelligence
- Computer Networks and Communications
Cite this
Risk analysis of information-leakage through interest packets in NDN. / Kondo, Daishi; Silverston, Thomas; Tode, Hideki; Asami, Tohru; Perrin, Olivier.
2017 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2017. Institute of Electrical and Electronics Engineers Inc., 2017. p. 360-365 8116403.Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
}
TY - GEN
T1 - Risk analysis of information-leakage through interest packets in NDN
AU - Kondo, Daishi
AU - Silverston, Thomas
AU - Tode, Hideki
AU - Asami, Tohru
AU - Perrin, Olivier
PY - 2017/11/20
Y1 - 2017/11/20
N2 - Information-leakage is one of the most important security issues in the current Internet. In Named-Data Networking (NDN), Interest names introduce novel vulnerabilities that can be exploited. By setting up a malware, Interest names can be used to encode critical information (steganography embedded) and to leak information out of the network by generating anomalous Interest traffic. This security threat based on Interest names does not exist in IP network, and it is essential to solve this issue to secure the NDN architecture. This paper performs risk analysis of information-leakage in NDN. We first describe vulnerabilities with Interest names and, as countermeasures, we propose a name-based filter using search engine information, and another filter using one-class Support Vector Machine (SVM). We collected URLs from the data repository provided by Common Crawl and we evaluate the performances of our per-packet filters. We show that our filters can choke drastically the throughput of information-leakage, which makes it easier to detect anomalous Interest traffic. It is therefore possible to mitigate information-leakage in NDN network and it is a strong incentive for future deployment of this architecture at the Internet scale.
AB - Information-leakage is one of the most important security issues in the current Internet. In Named-Data Networking (NDN), Interest names introduce novel vulnerabilities that can be exploited. By setting up a malware, Interest names can be used to encode critical information (steganography embedded) and to leak information out of the network by generating anomalous Interest traffic. This security threat based on Interest names does not exist in IP network, and it is essential to solve this issue to secure the NDN architecture. This paper performs risk analysis of information-leakage in NDN. We first describe vulnerabilities with Interest names and, as countermeasures, we propose a name-based filter using search engine information, and another filter using one-class Support Vector Machine (SVM). We collected URLs from the data repository provided by Common Crawl and we evaluate the performances of our per-packet filters. We show that our filters can choke drastically the throughput of information-leakage, which makes it easier to detect anomalous Interest traffic. It is therefore possible to mitigate information-leakage in NDN network and it is a strong incentive for future deployment of this architecture at the Internet scale.
UR - http://www.scopus.com/inward/record.url?scp=85041323791&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85041323791&partnerID=8YFLogxK
U2 - 10.1109/INFCOMW.2017.8116403
DO - 10.1109/INFCOMW.2017.8116403
M3 - Conference contribution
SP - 360
EP - 365
BT - 2017 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2017
PB - Institute of Electrical and Electronics Engineers Inc.
ER -