Results 1 -
3 of
3
Needle in a haystack: Mitigating content poisoning in named-data networking,”
- in NDSS Workshop on Security of Emerging Networking Technologies,
, 2014
"... Abstract-Named-Data Networking (NDN) is a candidate next-generation Internet architecture designed to address some limitations of the current IP-based Internet. NDN uses the pull model for content distribution, whereby content is first explicitly requested before being delivered. Efficiency is obta ..."
Abstract
-
Cited by 5 (1 self)
- Add to MetaCart
(Show Context)
Abstract-Named-Data Networking (NDN) is a candidate next-generation Internet architecture designed to address some limitations of the current IP-based Internet. NDN uses the pull model for content distribution, whereby content is first explicitly requested before being delivered. Efficiency is obtained via routerbased aggregation of closely spaced requests for popular content and content caching in routers. Although it reduces latency and increases bandwidth utilization, router caching makes the network susceptible to new cache-centric attacks, such as content poisoning. In this paper, we propose a ranking algorithm for cached content that allows routers to distinguish good and (likely) bad content. This ranking is based on statistics collected from consumers' actions following delivery of content objects. Experimental results support our assertion that the proposed ranking algorithm can effectively mitigate content poisoning attacks.
Secure Content Delivery in Information-Centric Networks: Design, Implementation, and Analyses
"... In this paper, we propose a novel secure content delivery framework, for an information-centric network, which will enable content providers (e.g., Netflix and Youtube) to securely disseminate their content to legitimate users via content distribution networks (CDNs) and Internet service providers ( ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
(Show Context)
In this paper, we propose a novel secure content delivery framework, for an information-centric network, which will enable content providers (e.g., Netflix and Youtube) to securely disseminate their content to legitimate users via content distribution networks (CDNs) and Internet service providers (ISPs). Use of our framework will enable legitimate users to receive/consume encrypted content cached at a nearby router (CDN or ISP), even when the providers are offline. Our framework would slash system-downtime due to server outages, such as that recently experienced by Netflix, Pinterest, and Instagram users in the US (October 22, 2012). It will also help the providers utilize in-network caches for shaping content transmission and reducing delivery latency. We discuss the handling of security, access control, and system dynamics challenges and demonstrate the practicality of our framework by implementing it on a CCNx testbed.
Catch Me If You Can: A Practical Framework to Evade Censorship in Information-Centric Networks
"... ABSTRACT Internet traffic is increasingly becoming multimedia-centric. Its growth is driven by the fast-growing mobile user base that is more interested in the content rather than its origin. These trends have motivated proposals for a new Internet networking paradigm-information-centric networking ..."
Abstract
- Add to MetaCart
(Show Context)
ABSTRACT Internet traffic is increasingly becoming multimedia-centric. Its growth is driven by the fast-growing mobile user base that is more interested in the content rather than its origin. These trends have motivated proposals for a new Internet networking paradigm-information-centric networking (ICN). This paradigm requires unique names for packets to leverage pervasive in-network caching, name-based routing, and nameddata provenance. However named-data routing makes user censorship easy. Hence an anti-censorship mechanism is imperative to help users mask their named queries to prevent censorship and identification. However, this masking mechanism should not adversely affect request rates. In this paper, we propose such an anti-censorship framework, which is lightweight and specifically targets low compute power mobile devices. We analyze our framework's information-theoretic secrecy and present perfect secrecy thresholds under different scenarios. We also analyze its breakability and computational security. Experimental results prove the framework's effectiveness: for requests it adds between 1.3-1.8 times in latency overhead over baseline ICN; significantly lesser than the overhead of the state of the art Tor (up to 38 times over TCP).
