Content Poisoning in Named Data Networking: Comprehensive Characterization of real Deployment - Archive ouverte HAL Access content directly
Conference Papers Year :

Content Poisoning in Named Data Networking: Comprehensive Characterization of real Deployment

(1) , (2) , (1) , (2) , (3)
1
2
3
Ngoc Tan Nguyen
  • Function : Author
  • PersonId : 1024167
Xavier Marchal
  • Function : Author
  • PersonId : 974199
Guillaume Doyen
  • Function : Author
  • PersonId : 868503
Thibault Cholez
  • Function : Author
  • PersonId : 821
  • IdHAL : cholez

Abstract

Information Centric Networking (ICN) is seen as a promising solution to re-conciliate the Internet usage with its core architecture. However, to be considered as a realistic alternative to IP, ICN must evolve from a pure academic proposition deployed in test environments to an operational solution in which security is assessed from the protocol design to its running implementation. Among ICN solutions, Named Data Networking (NDN), together with its reference implementation NDN Forwarding Daemon (NFD), acts as the most mature proposal but its vulnerability against the Content Poisoning Attack (CPA) is considered as a critical threat that can jeopardize this architecture. So far, existing works in that area have fallen into the pit of coupling a biased and partial phenomenon analysis with a proposed solution, hence lacking a comprehensive understanding of the attack's feasibility and impact in a real network. In this paper, we demonstrate through an experimental measurement campaign that CPA can easily and widely affect NDN. Our contribution is threefold: (1) we propose three realistic attack scenarios relying on both protocol design and implementation weaknesses; (2) we present their implementation and evaluation in a testbed based on the latest NFD version; and (3) we analyze their impact on the different ICN nodes (clients, access and core routers, content provider) composing a realistic topology.
Fichier principal
Vignette du fichier
IM17-content-poisoning-NDN.pdf (474.84 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-01652328 , version 1 (30-11-2017)

Identifiers

Cite

Ngoc Tan Nguyen, Xavier Marchal, Guillaume Doyen, Thibault Cholez, Rémi Cogranne. Content Poisoning in Named Data Networking: Comprehensive Characterization of real Deployment. 15th IFIP/IEEE International Symposium on Integrated Network Management (IM2017), May 2017, Lisbon, Portugal. pp.72-80, ⟨10.23919/INM.2017.7987266⟩. ⟨hal-01652328⟩
166 View
918 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More