Risk analysis of information-leakage through interest packets in NDN

Daishi Kondo; Thomas Silverston; Hideki Tode; Tohru Asami; Olivier Perrin

doi:10.1109/INFCOMW.2017.8116403

Risk analysis of information-leakage through interest packets in NDN

Daishi Kondo, Thomas Silverston, Hideki Tode, Tohru Asami, Olivier Perrin

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Citation (Scopus)

Abstract

Information-leakage is one of the most important security issues in the current Internet. In Named-Data Networking (NDN), Interest names introduce novel vulnerabilities that can be exploited. By setting up a malware, Interest names can be used to encode critical information (steganography embedded) and to leak information out of the network by generating anomalous Interest traffic. This security threat based on Interest names does not exist in IP network, and it is essential to solve this issue to secure the NDN architecture. This paper performs risk analysis of information-leakage in NDN. We first describe vulnerabilities with Interest names and, as countermeasures, we propose a name-based filter using search engine information, and another filter using one-class Support Vector Machine (SVM). We collected URLs from the data repository provided by Common Crawl and we evaluate the performances of our per-packet filters. We show that our filters can choke drastically the throughput of information-leakage, which makes it easier to detect anomalous Interest traffic. It is therefore possible to mitigate information-leakage in NDN network and it is a strong incentive for future deployment of this architecture at the Internet scale.

Original language	English
Title of host publication	2017 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2017
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	360-365
Number of pages	6
ISBN (Electronic)	9781538627846
DOIs	https://doi.org/10.1109/INFCOMW.2017.8116403
Publication status	Published - 2017 Nov 20
Externally published	Yes
Event	2017 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2017 - Atlanta, United States Duration: 2017 May 1 → 2017 May 4

Other

Other	2017 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2017
Country	United States
City	Atlanta
Period	17/5/1 → 17/5/4

Fingerprint

ASJC Scopus subject areas

Hardware and Architecture
Control and Optimization
Artificial Intelligence
Computer Networks and Communications

Cite this

Kondo, D., Silverston, T., Tode, H., Asami, T., & Perrin, O. (2017). Risk analysis of information-leakage through interest packets in NDN. In 2017 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2017 (pp. 360-365). [8116403] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/INFCOMW.2017.8116403

Risk analysis of information-leakage through interest packets in NDN. / Kondo, Daishi; Silverston, Thomas; Tode, Hideki; Asami, Tohru; Perrin, Olivier.

2017 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2017. Institute of Electrical and Electronics Engineers Inc., 2017. p. 360-365 8116403.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Kondo, D, Silverston, T, Tode, H, Asami, T & Perrin, O 2017, Risk analysis of information-leakage through interest packets in NDN. in 2017 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2017., 8116403, Institute of Electrical and Electronics Engineers Inc., pp. 360-365, 2017 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2017, Atlanta, United States, 17/5/1. https://doi.org/10.1109/INFCOMW.2017.8116403

@inproceedings{0ab7e4b81bf04a808065e58cec878537,

title = "Risk analysis of information-leakage through interest packets in NDN",

abstract = "Information-leakage is one of the most important security issues in the current Internet. In Named-Data Networking (NDN), Interest names introduce novel vulnerabilities that can be exploited. By setting up a malware, Interest names can be used to encode critical information (steganography embedded) and to leak information out of the network by generating anomalous Interest traffic. This security threat based on Interest names does not exist in IP network, and it is essential to solve this issue to secure the NDN architecture. This paper performs risk analysis of information-leakage in NDN. We first describe vulnerabilities with Interest names and, as countermeasures, we propose a name-based filter using search engine information, and another filter using one-class Support Vector Machine (SVM). We collected URLs from the data repository provided by Common Crawl and we evaluate the performances of our per-packet filters. We show that our filters can choke drastically the throughput of information-leakage, which makes it easier to detect anomalous Interest traffic. It is therefore possible to mitigate information-leakage in NDN network and it is a strong incentive for future deployment of this architecture at the Internet scale.",

author = "Daishi Kondo and Thomas Silverston and Hideki Tode and Tohru Asami and Olivier Perrin",

year = "2017",

month = "11",

day = "20",

doi = "10.1109/INFCOMW.2017.8116403",

language = "English",

pages = "360--365",

booktitle = "2017 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2017",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

address = "United States",

note = "2017 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2017 ; Conference date: 01-05-2017 Through 04-05-2017",

}

TY - GEN

T1 - Risk analysis of information-leakage through interest packets in NDN

AU - Kondo, Daishi

AU - Silverston, Thomas

AU - Tode, Hideki

AU - Asami, Tohru

AU - Perrin, Olivier

PY - 2017/11/20

Y1 - 2017/11/20

N2 - Information-leakage is one of the most important security issues in the current Internet. In Named-Data Networking (NDN), Interest names introduce novel vulnerabilities that can be exploited. By setting up a malware, Interest names can be used to encode critical information (steganography embedded) and to leak information out of the network by generating anomalous Interest traffic. This security threat based on Interest names does not exist in IP network, and it is essential to solve this issue to secure the NDN architecture. This paper performs risk analysis of information-leakage in NDN. We first describe vulnerabilities with Interest names and, as countermeasures, we propose a name-based filter using search engine information, and another filter using one-class Support Vector Machine (SVM). We collected URLs from the data repository provided by Common Crawl and we evaluate the performances of our per-packet filters. We show that our filters can choke drastically the throughput of information-leakage, which makes it easier to detect anomalous Interest traffic. It is therefore possible to mitigate information-leakage in NDN network and it is a strong incentive for future deployment of this architecture at the Internet scale.

AB - Information-leakage is one of the most important security issues in the current Internet. In Named-Data Networking (NDN), Interest names introduce novel vulnerabilities that can be exploited. By setting up a malware, Interest names can be used to encode critical information (steganography embedded) and to leak information out of the network by generating anomalous Interest traffic. This security threat based on Interest names does not exist in IP network, and it is essential to solve this issue to secure the NDN architecture. This paper performs risk analysis of information-leakage in NDN. We first describe vulnerabilities with Interest names and, as countermeasures, we propose a name-based filter using search engine information, and another filter using one-class Support Vector Machine (SVM). We collected URLs from the data repository provided by Common Crawl and we evaluate the performances of our per-packet filters. We show that our filters can choke drastically the throughput of information-leakage, which makes it easier to detect anomalous Interest traffic. It is therefore possible to mitigate information-leakage in NDN network and it is a strong incentive for future deployment of this architecture at the Internet scale.

UR - http://www.scopus.com/inward/record.url?scp=85041323791&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85041323791&partnerID=8YFLogxK

U2 - 10.1109/INFCOMW.2017.8116403

DO - 10.1109/INFCOMW.2017.8116403

M3 - Conference contribution

AN - SCOPUS:85041323791

SP - 360

EP - 365

BT - 2017 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2017

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2017 IEEE Conference on Computer Communications Workshops, INFOCOM WKSHPS 2017

Y2 - 1 May 2017 through 4 May 2017

ER -

Access to Document

10.1109/INFCOMW.2017.8116403