Content Poisoning in Named Data Networking: Comprehensive Characterization of real Deployment

Tan Nguyen 1 Xavier Marchal 2 Guillaume Doyen 1 Thibault Cholez 2 Rémi Cogranne 3
2 MADYNES - Management of dynamic networks and services
Inria Nancy - Grand Est, LORIA - NSS - Department of Networks, Systems and Services
Abstract : Information Centric Networking (ICN) is seen as a promising solution to re-conciliate the Internet usage with its core architecture. However, to be considered as a realistic alternative to IP, ICN must evolve from a pure academic proposition deployed in test environments to an operational solution in which security is assessed from the protocol design to its running implementation. Among ICN solutions, Named Data Networking (NDN), together with its reference implementation NDN Forwarding Daemon (NFD), acts as the most mature proposal but its vulnerability against the Content Poisoning Attack (CPA) is considered as a critical threat that can jeopardize this architecture. So far, existing works in that area have fallen into the pit of coupling a biased and partial phenomenon analysis with a proposed solution, hence lacking a comprehensive understanding of the attack's feasibility and impact in a real network. In this paper, we demonstrate through an experimental measurement campaign that CPA can easily and widely affect NDN. Our contribution is threefold: (1) we propose three realistic attack scenarios relying on both protocol design and implementation weaknesses; (2) we present their implementation and evaluation in a testbed based on the latest NFD version; and (3) we analyze their impact on the different ICN nodes (clients, access and core routers, content provider) composing a realistic topology.
Type de document :
Communication dans un congrès
15th IFIP/IEEE International Symposium on Integrated Network Management (IM2017), May 2017, Lisbon, Portugal. pp.72-80, 〈http://im2017.ieee-im.org/〉. 〈10.23919/INM.2017.7987266〉
Liste complète des métadonnées

Littérature citée [22 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01652328
Contributeur : Thibault Cholez <>
Soumis le : jeudi 30 novembre 2017 - 11:07:46
Dernière modification le : jeudi 11 janvier 2018 - 06:25:23

Fichier

IM17-content-poisoning-NDN.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

Collections

Citation

Tan Nguyen, Xavier Marchal, Guillaume Doyen, Thibault Cholez, Rémi Cogranne. Content Poisoning in Named Data Networking: Comprehensive Characterization of real Deployment. 15th IFIP/IEEE International Symposium on Integrated Network Management (IM2017), May 2017, Lisbon, Portugal. pp.72-80, 〈http://im2017.ieee-im.org/〉. 〈10.23919/INM.2017.7987266〉. 〈hal-01652328〉

Partager

Métriques

Consultations de la notice

52

Téléchargements de fichiers

14