Skip to Main content Skip to Navigation
New interface
Conference papers

On the Readiness of NDN for a Secure Deployment: The Case of Pending Interest Table

Abstract : Named Data Networking (NDN) is one the proposals for the Future Internet design relying on the Information Centric Networking paradigm and probably the most promising. To enable a large-scale deployment by Internet Service Providers, however, a well-established security is fundamental. While numerous prior works study the security of NDN, a large amount of those works have been conducted using simulation frameworks which prevent the consideration of potential threats and flaws in a real deployment context. Toward this effort, this paper studies the practical vulnerabilities exposed by NDN Forwarding Daemon (NFD), the current implementation of NDN, and especially its Pending Interest Table. An attack scenario, based on the Interest Flooding Attack, is implemented on NFD routers deployed in a Network Function Virtualization environment. We show that the current implementation, though designed to be flexible, has some flaws that can ease the mounting of attacks in a real NDN network. We have found that there is no mechanism to protect NFD router when Pending Interest Table (PIT) is overloaded and identified the set of parameters which can increase the attack success. Several recommendations are proposed for the security of future implementations.
Complete list of metadata

Cited literature [10 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Friday, November 10, 2017 - 3:27:10 PM
Last modification on : Wednesday, August 31, 2022 - 6:55:35 PM
Long-term archiving on: : Sunday, February 11, 2018 - 2:44:12 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Hoang Long Mai, Ngoc Tan Nguyen, Guillaume Doyen, Alain Ploix, Rémi Cogranne. On the Readiness of NDN for a Secure Deployment: The Case of Pending Interest Table. 10th IFIP International Conference on Autonomous Infrastructure, Management and Security (AIMS), Jun 2016, Munich, Germany. pp.98-110, ⟨10.1007/978-3-319-39814-3_10⟩. ⟨hal-01632732⟩



Record views


Files downloads