Content Poisoning in Named Data Networking: Comprehensive Characterization of real Deployment - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Communication Dans Un Congrès Année : 2017

Content Poisoning in Named Data Networking: Comprehensive Characterization of real Deployment

Ngoc Tan Nguyen
  • Fonction : Auteur
  • PersonId : 1024167
Xavier Marchal
  • Fonction : Auteur
  • PersonId : 974199
  • IdRef : 236887157
Guillaume Doyen
  • Fonction : Auteur
  • PersonId : 868503

Résumé

Information Centric Networking (ICN) is seen as a promising solution to re-conciliate the Internet usage with its core architecture. However, to be considered as a realistic alternative to IP, ICN must evolve from a pure academic proposition deployed in test environments to an operational solution in which security is assessed from the protocol design to its running implementation. Among ICN solutions, Named Data Networking (NDN), together with its reference implementation NDN Forwarding Daemon (NFD), acts as the most mature proposal but its vulnerability against the Content Poisoning Attack (CPA) is considered as a critical threat that can jeopardize this architecture. So far, existing works in that area have fallen into the pit of coupling a biased and partial phenomenon analysis with a proposed solution, hence lacking a comprehensive understanding of the attack's feasibility and impact in a real network. In this paper, we demonstrate through an experimental measurement campaign that CPA can easily and widely affect NDN. Our contribution is threefold: (1) we propose three realistic attack scenarios relying on both protocol design and implementation weaknesses; (2) we present their implementation and evaluation in a testbed based on the latest NFD version; and (3) we analyze their impact on the different ICN nodes (clients, access and core routers, content provider) composing a realistic topology.
Fichier principal
Vignette du fichier
IM17-content-poisoning-NDN.pdf (474.84 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-01652328 , version 1 (30-11-2017)

Identifiants

Citer

Ngoc Tan Nguyen, Xavier Marchal, Guillaume Doyen, Thibault Cholez, Rémi Cogranne. Content Poisoning in Named Data Networking: Comprehensive Characterization of real Deployment. 15th IFIP/IEEE International Symposium on Integrated Network Management (IM2017), May 2017, Lisbon, Portugal. pp.72-80, ⟨10.23919/INM.2017.7987266⟩. ⟨hal-01652328⟩
175 Consultations
950 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More