On the Readiness of NDN for a Secure Deployment: The Case of Pending Interest Table

Abstract : Named Data Networking (NDN) is one the proposals for the Future Internet design relying on the Information Centric Networking paradigm and probably the most promising. To enable a large-scale deployment by Internet Service Providers, however, a well-established security is fundamental. While numerous prior works study the security of NDN, a large amount of those works have been conducted using simulation frameworks which prevent the consideration of potential threats and flaws in a real deployment context. Toward this effort, this paper studies the practical vulnerabilities exposed by NDN Forwarding Daemon (NFD), the current implementation of NDN, and especially its Pending Interest Table. An attack scenario, based on the Interest Flooding Attack, is implemented on NFD routers deployed in a Network Function Virtualization environment. We show that the current implementation, though designed to be flexible, has some flaws that can ease the mounting of attacks in a real NDN network. We have found that there is no mechanism to protect NFD router when Pending Interest Table (PIT) is overloaded and identified the set of parameters which can increase the attack success. Several recommendations are proposed for the security of future implementations.
Type de document :
Communication dans un congrès
Rémi Badonnel; Robert Koch; Aiko Pras; Martin Drašar; Burkhard Stiller. 10th IFIP International Conference on Autonomous Infrastructure, Management and Security (AIMS), Jun 2016, Munich, Germany. Springer International Publishing, Lecture Notes in Computer Science, LNCS-9701, pp.98-110, 2016, Management and Security in the Age of Hyperconnectivity. 〈10.1007/978-3-319-39814-3_10〉
Liste complète des métadonnées

Littérature citée [13 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01632732
Contributeur : Hal Ifip <>
Soumis le : vendredi 10 novembre 2017 - 15:27:10
Dernière modification le : jeudi 11 janvier 2018 - 06:23:15

Fichier

 Accès restreint
Fichier visible le : 2019-01-01

Connectez-vous pour demander l'accès au fichier

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Hoang Mai, Ngoc Nguyen, Guillaume Doyen, Alain Ploix, Remi Cogranne. On the Readiness of NDN for a Secure Deployment: The Case of Pending Interest Table. Rémi Badonnel; Robert Koch; Aiko Pras; Martin Drašar; Burkhard Stiller. 10th IFIP International Conference on Autonomous Infrastructure, Management and Security (AIMS), Jun 2016, Munich, Germany. Springer International Publishing, Lecture Notes in Computer Science, LNCS-9701, pp.98-110, 2016, Management and Security in the Age of Hyperconnectivity. 〈10.1007/978-3-319-39814-3_10〉. 〈hal-01632732〉

Partager

Métriques

Consultations de la notice

14