Content Poisoning in Named Data Networking: Comprehensive Characterization of real Deployment

Tan Nguyen 1 Xavier Marchal 2 Guillaume Doyen 1 Thibault Cholez 2 Rémi Cogranne 3
1 ERA - Environnement de Réseaux Autonomes
ICD - Institut Charles Delaunay
2 MADYNES - Management of dynamic networks and services
Inria Nancy - Grand Est, LORIA - NSS - Department of Networks, Systems and Services
Abstract : Information Centric Networking (ICN) is seen as a promising solution to re-conciliate the Internet usage with its core architecture. However, to be considered as a realistic alternative to IP, ICN must evolve from a pure academic proposition deployed in test environments to an operational solution in which security is assessed from the protocol design to its running implementation. Among ICN solutions, Named Data Networking (NDN), together with its reference implementation NDN Forwarding Daemon (NFD), acts as the most mature proposal but its vulnerability against the Content Poisoning Attack (CPA) is considered as a critical threat that can jeopardize this architecture. So far, existing works in that area have fallen into the pit of coupling a biased and partial phenomenon analysis with a proposed solution, hence lacking a comprehensive understanding of the attack's feasibility and impact in a real network. In this paper, we demonstrate through an experimental measurement campaign that CPA can easily and widely affect NDN. Our contribution is threefold: (1) we propose three realistic attack scenarios relying on both protocol design and implementation weaknesses; (2) we present their implementation and evaluation in a testbed based on the latest NFD version; and (3) we analyze their impact on the different ICN nodes (clients, access and core routers, content provider) composing a realistic topology.
Document type :
Conference papers
Complete list of metadatas

Cited literature [22 references]  Display  Hide  Download

https://hal.inria.fr/hal-01652328
Contributor : Thibault Cholez <>
Submitted on : Thursday, November 30, 2017 - 11:07:46 AM
Last modification on : Monday, September 16, 2019 - 4:35:52 PM

File

IM17-content-poisoning-NDN.pdf
Files produced by the author(s)

Identifiers

Citation

Tan Nguyen, Xavier Marchal, Guillaume Doyen, Thibault Cholez, Rémi Cogranne. Content Poisoning in Named Data Networking: Comprehensive Characterization of real Deployment. 15th IFIP/IEEE International Symposium on Integrated Network Management (IM2017), May 2017, Lisbon, Portugal. pp.72-80, ⟨10.23919/INM.2017.7987266⟩. ⟨hal-01652328⟩

Share

Metrics

Record views

233

Files downloads

564