Risk analysis of information-leakage through interest packets in NDN
Title | Risk analysis of information-leakage through interest packets in NDN |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Kondo, D., Silverston, T., Tode, H., Asami, T., Perrin, O. |
Conference Name | 2017 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS) |
Publisher | IEEE |
ISBN Number | 978-1-5386-2784-6 |
Keywords | anomalous Interest traffic, computer network security, Dictionaries, encoding, Human Behavior, information-leakage, Interest names, interest packets, Internet, invasive software, IP, IP networks, Malware, Named Data Network Security, Named-Data Networking, NDN network, paper performs risk analysis, pubcrawl, resilience, Resiliency, Scalability, search engine information, search engines, security, Support vector machines |
Abstract | Information-leakage is one of the most important security issues in the current Internet. In Named-Data Networking (NDN), Interest names introduce novel vulnerabilities that can be exploited. By setting up a malware, Interest names can be used to encode critical information (steganography embedded) and to leak information out of the network by generating anomalous Interest traffic. This security threat based on Interest names does not exist in IP network, and it is essential to solve this issue to secure the NDN architecture. This paper performs risk analysis of information-leakage in NDN. We first describe vulnerabilities with Interest names and, as countermeasures, we propose a name-based filter using search engine information, and another filter using one-class Support Vector Machine (SVM). We collected URLs from the data repository provided by Common Crawl and we evaluate the performances of our per-packet filters. We show that our filters can choke drastically the throughput of information-leakage, which makes it easier to detect anomalous Interest traffic. It is therefore possible to mitigate information-leakage in NDN network and it is a strong incentive for future deployment of this architecture at the Internet scale. |
URL | https://ieeexplore.ieee.org/document/8116403/ |
DOI | 10.1109/INFCOMW.2017.8116403 |
Citation Key | kondo_risk_2017 |
- malware
- Support vector machines
- security
- search engines
- search engine information
- Scalability
- Resiliency
- resilience
- pubcrawl
- paper performs risk analysis
- NDN network
- Named-Data Networking
- Named Data Network Security
- anomalous Interest traffic
- IP networks
- IP
- invasive software
- internet
- interest packets
- Interest names
- information-leakage
- Human behavior
- encoding
- Dictionaries
- computer network security