Security measures of NDN


Post on 29-Dec-2015






This deck covers the basic security issues of NDN network routers and their countermeasures.


  • Security issues and Counter-measures
    Named Data Network
    Team 02, Group 10
    Arvind M (2010103507)
    Hitesh Kumar R (2010103011)
    Venkatakrishnan R (2010103551)
    Dr. V. Vetriselvi, Associate Professor

  • Abstract
    Named Data Networking, like any internet architecture, is vulnerable to attacks. In particular, the router is vulnerable to attacks on its Content Store and Pending Interest Table, the two main components of a Named Data Networking router. This project considers various attacks such as the pollution attack, the poisoning attack, the flooding attack and privacy attacks, and aims at resolving them.

  • Introduction

  • Introduction
    NDN uses names to route and retrieve content. A router contains:
    Content Store (CS): cache used for content caching and retrieval.
    Forwarding Interest Base (FIB): routing table of name prefixes and corresponding outgoing interfaces (to route interests).
    Pending Interest Table (PIT): table of currently not-yet-satisfied (pending) interests and the set of corresponding incoming interfaces.

  • Introduction
    Named Data Networking was designed to overcome the shortcomings of the IP architecture.
    Caching at the router increases performance but raises privacy concerns.
    There is a constant trade-off between performance and security.

  • Introduction
    Problems?
    Past communication of one user transits through the cache.
    Cached voice data, even if encrypted, indicates that a phone call is going on, and its addressing metadata can leak who is communicating with whom.
    Breach of privacy!

  • Introduction
    A false producer may interrupt and provide false content: the cache poisoning attack. There is no trust mechanism!
    In the cache pollution attack, the goal of the adversary is to force routers (the victims of the attack) to cache non-popular content.
    In the interest flooding attack, the attacker generates a large number of closely spaced interest packets, aiming to overflow the PITs in routers.

  • Related Work

    Paper: Named data networking for military communication system (2012)
    Author: Basil Etefia, Lixia Zhang
    Problem dealt: Problem with IP-based protocol in military application
    Solution: Named data network replacing IP protocol
    What we concluded: NDN is a future way to get content across the network

    Paper: Scalable NDN forwarding (2012)
    Author: Haowei Yuan, Tian Song, Patrick Crowley
    Problem dealt: Difficulty in designing and evaluating a scalable NDN forwarding node
    Solution: Making a forwarding plane with fast name lookup
    What we concluded: NDN scalability issue reasonably solved

    Paper: Supporting seamless mobility in NDN (2012)
    Author: Ravishankar, Lo, Zhang, Wang
    Problem dealt: IP problem with mobility in real-time applications
    Solution: Proposed three cross-layer network-assisted seamless mobility schemes
    What we concluded: NDN - mobility no longer a problem

  • Related Work

    Paper: Effective caching schemes for minimizing inter-ISP traffic in NDN (2012)
    Author: Jun Li, Hao Wu, Bin Liu, Jianyuan
    Problem dealt: Increased inter-ISP traffic across the network
    Solution: Inter-ISP traffic savings achieved through caching
    What we concluded: NDN caching improves performance

    Paper: Detecting router cache snooping in NDN (2012)
    Author: Nonhlanhla Ntuli, Sunyoung Han
    Problem dealt: Caching at the router makes snooping of data possible
    Solution: Detects snooping in low-level routers
    What we concluded: Detection limited to customers of the same router cache

    Paper: Named-data security scheme for NDN (2012)
    Author: Hamdane, Serhrouchni, Fadlallah, Fatmi
    Problem dealt: Enhancement of existing security
    Solution: PKI and HIBC proposed to defend against potential attacks
    What we concluded: NDN security still requires enhancement

  • Related Work

    Paper: Interest Propagation in named data MANETs (2012)
    Author: Yu, Dilmaghani, Calo, Sanadidi, and Mario Gerla
    Problem dealt: Mobility and connectivity challenges in MANETs
    Solution: Proposed Listen-First Broadcast-Later and Neighbourhood-Aware Interest forwarding
    What we concluded: NDN decreases bandwidth usage and shortens response time under mobility

    Paper: Supervisor application for content management in NDN (2012)
    Author: Kusunoski, Kawahara, Asami
    Problem dealt: Difficulty in managing copyright violation by content in the network
    Solution: Deletion of illegal content in the network by the content owner
    What we concluded: NDN provides a firewall for content at routers, but the proposal suffers from security and scaling loopholes

    Paper: Privacy Risk in NDN (2012)
    Author: Laugier, Laoutaries, Rodriguez
    Problem dealt: Privacy issues at caching
    Solution: Assessing sensitivity of data is difficult
    What we concluded: Privacy of data needs to be ensured

  • Related Work

    Paper: Cache Privacy in Named-Data Networking (2012)
    Author: Acs, Conti, Gasti, Ghali, Tsudik
    Problem dealt: Problem in privacy of both consumers and producers of content
    Solution: Consumers and producers indicate which content is privacy-sensitive; various algorithms proposed
    What we concluded: Trade-off between privacy and latency

    Paper: DoS & DDoS in Named Data Networking (2013)
    Author: Gasti, Tsudik, Uzun, and Zhang
    Problem dealt: Cache poisoning and DoS attack
    Solution: Identification, assessment and counter-measures to mitigate the effect
    What we concluded: Evaluating the effectiveness of a counter-measure is difficult

    Paper: Interest flooding attack and countermeasures in NDN (2013)
    Author: Afanasyev, Mahadevan, Moiseenko, Uzun, Zhang
    Problem dealt: DDoS attack - interest flooding attack
    Solution: Restrict the number of Interests forwarded - satisfaction-based pushback algorithm
    What we concluded: Complex, with increased security

  • Related Work

    Paper: Lightweight mechanism for detection of cache pollution attacks (2013)
    Author: Mauro Conti, Paolo Gasti, Marco Teoli
    Problem dealt: Locality-disruption and false-locality of content
    Solution: Cache shield - keeps track of the absolute number of repeated requests, and the ratio of repeated requests over the number of cache hits
    What we concluded: Does not address attack reaction techniques

  • Block Diagram

  • Proposed System
    The research related to security in NDN is scattered across many papers, and some schemes are only proposed and not implemented in practice. We take into consideration the most important components of an NDN router, the Content Store along with the Pending Information Table (PIT), and try to find their vulnerabilities to different attacks. We will detect these security vulnerabilities, propose algorithms to solve them, implement them in a simulator, and measure their performance along with the security they provide.

  • Input and Output
    To the entire system:
    Input: Unsecured data transmission with many vulnerabilities in the router.
    Output: Secured data transmission and storage minimizing all attacks, without affecting the performance of the router.

  • To individual Modules

    Module: Cache Privacy Attack Module
    Input: An interest (request for content)
    Output: Secure content object without revealing its privacy (cache miss or cache hit)

    Module: Cache Poisoning Attack Module
    Input: Content Store containing legitimate, fake or corrupted contents
    Output: Content Store with only legitimate contents (prevent cache poisoning by limiting the bandwidth to the adversary)

    Module: Cache Pollution Attack Module
    Input: Content Store with relevant or irrelevant (cached with the aim of polluting the content store) content objects
    Output: Content Store with only relevant content objects (irrelevant contents are removed and strict action is taken against the adversary)

    Module: Interest Flooding Attack Module
    Input: PIT infiltrated with interests with the aim of affecting its performance
    Output: Clean PIT (detect the harmful interests and take appropriate action)

  • Details of Each Module

  • 1. Cache Privacy attack module
    Based on the cache hits and cache misses for a content in the router, an adversary can detect whether the content was previously cached, and therefore requested by some user in the same network or organisation.
    So, first, the content sensitivity (private or not private) is determined by a producer-driven or consumer-driven approach. A special privacy bit in the interest header or in the content header marks the content as private, as requested by the consumer or as responded by the producer respectively.

  • Now, requests for non-private cached content always result in a cache hit if the content is present in the Content Store, while requests for private cached content are handled by the random caching algorithm.
    Random caching algorithm: this module maintains a counter cC for each content C. The first request for C is always a cache miss, and cC is initialized to 0. Also, kC is picked from [0, K) according to a distribution on the domain [0, K), described by a random variable K. Upon receipt of a new request for C, the router increments cC and checks whether cC

  • 2. Cache Pollution Attack module:
    Routers can learn how the traffic is distributed by counting how often each content object is returned in response to an interest. Therefore, we can determine cache pollution by using a detection algorithm that learns the standard normal retrieval frequency of a content in the content store and then tests against it.

  • 3. Cache Poisoning attack module:
    Routers can do signature verification of their content to prevent cache poisoning. However, it causes too much overhead. Therefore, we introduce a trust value T ∈ [0, 1] for each content in a router's cache, where the trust value is calculated from explicit consumer feedback and neighbour feedback. T = 1 indicates that the corresponding content has been verified, while T = 0 indicates that it should be selected for verification with probability proportional to 1 - T.

  • New content is assigned T = 0.5. This value increases every time the content is forwarded, and decreases whenever the router receives negative feedback. When a neighbour (router) determines that a given content is corrupted, it issues a special warning interest on all its interfaces, thus giving neighbour feedback.

  • 4. Interest Flooding attack module:
    There are mainly two types of interest flooding attack, based on the type of content requested: one requests non-existent content and the other requests dynamically-generated content.
    Using time-outs, and tracking how often time-outs occur in the PIT, we can detect the non-existent-content interest flooding attack.
    For dynamically generated content, we can set a PIT quota on the incoming interface from the consumer to prevent it from flooding the PIT, and on the outgoing interface to the producer to prevent a DoS attack on the server.

  • Timeline

  • Cache Privacy Attack Module (Pseudo-Code)

    Input: Interest Header (specifically privacy bit)

    Output: Cache Hit or Cache miss
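A worked version of the random caching policy from the cache privacy module, added here as an example (not code from the slides or from ndnSIM). It assumes a uniform draw of kC from [0, K) and that the router keeps answering "miss" until cC exceeds kC, which is an assumed completion of the rule that the slide leaves cut off; all class and function names are this example's own.

```python
import random
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class Entry:
    data: bytes
    private: bool   # set from the producer's privacy bit on the content header
    c: int = 0      # c_C: requests for this content seen so far
    k: int = 0      # k_C: number of artificial misses drawn from [0, K)


class PrivacyAwareContentStore:
    """Content store that hides whether private content is already cached
    by answering the first k_C requests for it with a cache miss."""

    def __init__(self, K: int, rng: Optional[random.Random] = None):
        self.K = K
        self.rng = rng or random.Random()
        self.store: Dict[str, Entry] = {}

    def insert(self, name: str, data: bytes, private: bool) -> None:
        # The very first request is always a miss (content is fetched from the
        # producer); c_C starts at 0 and k_C is drawn from [0, K). The slide
        # only says "according to a distribution on [0, K)", so the uniform
        # draw is an assumption of this example.
        k = self.rng.randrange(self.K) if private else 0
        self.store[name] = Entry(data, private, c=0, k=k)

    def lookup(self, name: str, privacy_bit: bool) -> str:
        """Answer an interest; return the outcome the consumer can observe."""
        entry = self.store.get(name)
        if entry is None:
            return "miss"
        if not (entry.private or privacy_bit):
            return "hit"                     # non-private: always a real hit
        entry.c += 1
        # Assumed completion of the truncated rule: keep reporting a miss
        # until c_C exceeds k_C, then serve from the cache.
        return "miss" if entry.c <= entry.k else "hit"


def probe(store: PrivacyAwareContentStore, name: str, n: int) -> List[str]:
    """What a snooping consumer on the same router sees over n requests."""
    return [store.lookup(name, privacy_bit=False) for _ in range(n)]
```

Because the number of forced misses differs per content and per router, a snooper cannot tell a private content that was fetched earlier from one that was not.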

  • Cache Pollution Attack Module (Pseudo-Code)
    Establishing a standard for the normal retrieval frequency of content from the Content Store (how many cache hits for standard cache requests)

    Input: Standard cache hits for standard cache requests, standard cache requests

    Output: Empty the cache or not
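The learn-then-test structure of the cache pollution module, written out as an added example (not the project's code). The thresholds, the name `PollutionDetector` and the idea of flagging names retrieved far above their learned frequency are assumptions of this example; the slides only give the inputs and the output.

```python
from collections import Counter
from typing import Dict, Iterable, List, Tuple


class PollutionDetector:
    """Learn the normal retrieval frequency of each content object in the
    Content Store, then test live traffic against that standard."""

    def __init__(self, tolerance: float = 0.2, spike_factor: float = 3.0,
                 min_requests: int = 50):
        # All three thresholds are assumptions; the slides only describe the
        # learn-then-test structure, not the numbers.
        self.tolerance, self.spike_factor = tolerance, spike_factor
        self.min_requests = min_requests
        self.baseline_freq: Dict[str, float] = {}   # name -> share of requests
        self.baseline_hit_ratio = 0.0

    def learn(self, requests: Iterable[str], hits: int) -> None:
        """Learning phase: standard cache requests and the hits they produced."""
        counts = Counter(requests)
        total = sum(counts.values())
        self.baseline_freq = {n: c / total for n, c in counts.items()}
        self.baseline_hit_ratio = hits / total

    def test(self, requests: Iterable[str], hits: int) -> Tuple[bool, List[str]]:
        """Testing phase: return (flush_cache, suspect names).

        Suspects are names retrieved far more often than the learned standard
        (false locality) or never seen during learning (locality disruption)."""
        counts = Counter(requests)
        total = sum(counts.values())
        if total < self.min_requests:
            return False, []                      # not enough evidence yet
        suspects = [n for n, c in counts.items()
                    if n not in self.baseline_freq
                    or c / total > self.spike_factor * self.baseline_freq[n]]
        suspect_share = sum(counts[n] for n in suspects) / total
        hit_ratio = hits / total
        # Pollution shows as a hit ratio well below the learned standard while
        # unusual names dominate the request stream.
        flush = (hit_ratio < self.baseline_hit_ratio - self.tolerance
                 and suspect_share > 0.5)
        return flush, sorted(suspects)
```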

  • Cache Poisoning Attack Module (Pseudo-Code)

    Input: Neighbour Feedback, Trust value (if present), Consumer Feedback

    Output: Verification required or not
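The trust-value bookkeeping of the cache poisoning module as an added example (not code from the slides or from ndnSIM). The step sizes for forwarding and negative feedback, the `/warning` name prefix for the warning interest and the `decide` entry point are assumptions; the slides fix only the initial value T = 0.5, the direction of each update and the verification probability 1 - T.

```python
import random
from typing import Dict, Optional


class TrustTracker:
    """Per-content trust value T in [0, 1] kept by a router for its cache."""

    def __init__(self, forward_gain: float = 0.05, penalty: float = 0.25,
                 rng: Optional[random.Random] = None):
        # Step sizes are assumptions; the slides only give the direction.
        self.gain, self.penalty = forward_gain, penalty
        self.rng = rng or random.Random()
        self.T: Dict[str, float] = {}

    def admit(self, name: str) -> None:
        self.T[name] = 0.5                   # new content starts at T = 0.5

    def on_forward(self, name: str) -> float:
        self.T[name] = min(1.0, self.T[name] + self.gain)
        return self.T[name]

    def on_negative_feedback(self, name: str) -> float:
        # A consumer claiming the content is false, or a neighbour's warning.
        self.T[name] = max(0.0, self.T[name] - self.penalty)
        return self.T[name]

    def needs_verification(self, name: str) -> bool:
        """T = 1 means already verified; otherwise verify with probability 1 - T."""
        t = self.T[name]
        return t < 1.0 and self.rng.random() < 1.0 - t

    def verify(self, name: str, signature_ok: bool) -> Optional[str]:
        """Run the (expensive) signature check. Verified content gets T = 1;
        corrupted content is evicted and a warning interest name is returned
        for sending on all interfaces (the '/warning' prefix is assumed)."""
        if signature_ok:
            self.T[name] = 1.0
            return None
        del self.T[name]
        return "/warning" + name


def decide(tracker: TrustTracker, name: str, consumer_negative: bool,
           neighbour_warning: bool) -> bool:
    """Module entry point: feedback in, 'verification required' out."""
    if name not in tracker.T:
        tracker.admit(name)
    if consumer_negative or neighbour_warning:
        tracker.on_negative_feedback(name)
    return tracker.needs_verification(name)
```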

  • Flooding Attack Module (Pseudo-Code)

    Input: Standard PIT quota for a single consumer, Standard number of timeouts for some standard number of requests, interest requests, timeout

    Output: Discarding the request or not, Clearing the PIT or not
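A PIT with the two defences the flooding module describes, per-interface quotas and time-out tracking, as an added example (not code from the slides or from ndnSIM). The class name, the sliding window of recent outcomes and the rule that a consumer face is flagged when its share of time-outs exceeds the standard ratio are this example's assumptions.

```python
from collections import deque
from typing import Deque, Dict, List, Tuple


class FloodGuardedPIT:
    """PIT with per-face quotas and per-consumer-face time-out tracking."""

    def __init__(self, in_quota: int, out_quota: int, lifetime: float,
                 timeout_ratio: float, window: int = 100):
        self.in_quota, self.out_quota, self.lifetime = in_quota, out_quota, lifetime
        self.timeout_ratio, self.window = timeout_ratio, window  # "standard" time-out share
        self.pit: Dict[str, Tuple[int, int, float]] = {}  # name -> (in_face, out_face, expiry)
        self.in_use: Dict[int, int] = {}          # pending interests per consumer face
        self.out_use: Dict[int, int] = {}         # pending interests per producer face
        self.history: Dict[int, Deque[int]] = {}  # per consumer face: 1 = time-out, 0 = satisfied

    def on_interest(self, name: str, in_face: int, out_face: int, now: float) -> str:
        """Return 'forward', 'aggregated' or 'discard' for one incoming interest."""
        if name in self.pit:
            return "aggregated"                   # already pending; no new PIT slot
        if self.in_use.get(in_face, 0) >= self.in_quota:
            return "discard"                      # this consumer exhausted its PIT quota
        if self.out_use.get(out_face, 0) >= self.out_quota:
            return "discard"                      # cap pending load on the producer
        self.pit[name] = (in_face, out_face, now + self.lifetime)
        self.in_use[in_face] = self.in_use.get(in_face, 0) + 1
        self.out_use[out_face] = self.out_use.get(out_face, 0) + 1
        return "forward"

    def _release(self, name: str, timed_out: bool) -> None:
        in_face, out_face, _ = self.pit.pop(name)
        self.in_use[in_face] -= 1
        self.out_use[out_face] -= 1
        self.history.setdefault(in_face, deque(maxlen=self.window)).append(int(timed_out))

    def on_data(self, name: str) -> bool:
        """Satisfy a pending interest; False if nothing was pending for it."""
        if name not in self.pit:
            return False
        self._release(name, timed_out=False)
        return True

    def expire(self, now: float) -> List[int]:
        """Drop timed-out entries and return the consumer faces whose share of
        time-outs exceeds the standard ratio (their PIT entries should be cleared)."""
        for name in [n for n, (_, _, exp) in self.pit.items() if exp <= now]:
            self._release(name, timed_out=True)
        return [f for f, h in self.history.items()
                if h and sum(h) / len(h) > self.timeout_ratio]
```

A face returned by `expire` is one whose interests mostly go unanswered, the signature of flooding with names that no producer can satisfy.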

  • Feedback
    Consumer feedback:
    To report on the sensitivity of data
    To claim that the content received is a false one

    Neighbour feedback:
    To receive a warning from the neighbouring router
    To correct the priority of data in the CS based on the received warning

  • Demonstration
    At the end of this project, many security and privacy concerns related to the NDN router will be addressed and analysed in detail, and the NDN router will be made more secure. Prevention and detection techniques will be provided, and we point out all the possible strategies to mitigate the attacks the router faces. The simulation will be demonstrated and explained clearly, using NDNsim. The security components might be a trade-off against performance, but we promise to strive for the best balance between security and performance.

  • Tools
    NDN-Sim is the tool used to model the router and its functionalities. Its existing functionalities (content store, pending information table) are extended to accommodate our security features.

  • Performance Evaluation
    Performance will be measured, and we will try to ensure that it is not reduced by the extra security modules in our modified prototype. Security will be measured against real-time attacks to prove its worth. Comparisons will be made to the standard TCP/IP protocol in terms of performance, security and feasibility, and the NDN router with our security modules will be compared against the NDN router without them.

  • Performance Evaluation
    For the privacy check, performance is measured as the degree of randomness of access to the cache (content store) when the privacy bit is set in the interest packet. The larger the degree of randomness in the algorithm for a cache hit, the greater the privacy achieved.
    For the pollution check, the higher the access frequency of a content object in the content store, the longer the life span of that object in the cache.

  • Performance Evaluation
    For the poisoning attack, performance is measured as the number of content objects in the content store correctly marked as legitimate. This measurement relies on correct feedback from consumers and neighbouring routers.
    For the flooding attack, performance is determined by the number of non-existent-content requests correctly discarded. This is measured by setting an optimal timeout when the interest packet request is made.

  • References
    [1] G. Acs, M. Conti, P. Gasti, C. Ghali, G. Tsudik, Cache privacy in named data networking, in ICDCS 2013, 2013.
    [2] A. Chaabane, E. De Cristofaro, M. Kafaar, E. Uzun, Privacy in Content-Oriented Networking: Threats and Countermeasures, in SIGCOMM Computer Communication Review (CCR), July 2013.
    [3] Mauro Conti, Paolo Gasti and Marco Teoli, A Lightweight Mechanism for Detection of Cache Pollution Attacks in Named Data Networking, in Elsevier Journal on Computer Networks (COMNET), Special Issue on Mobile Computing for Content/Service Oriented Networking Architecture (2013), 2013.
    [4] Paolo Gasti, Gene Tsudik, Ersin Uzun, and Lixia Zhang, DoS & DDoS in Named Data Networking, in Proceedings of ICCCN 2013, 2013.
    [5] A. Afanasyev, P. Mahadevan, I. Moiseenko, E. Uzun, and L. Zhang, Interest Flooding Attack and Countermeasures in Named Data Networking, in Proceedings of IFIP Networking 2013, 2013.
    [6] H. Yuan and P. Crowley, Experimental Evaluation of Content Distribution with NDN and HTTP, in Proceedings of IEEE INFOCOM 2013 Mini-Conference, April 2013.
    [7] Alberto Compagno, Mauro Conti, Paolo Gasti and Gene Tsudik, Poseidon: Mitigating Interest Flooding DDoS Attacks in Named Data Networking, in 38th Annual IEEE Conference on Local Computer Networks (LCN 2013), 2013.
    [8] V. Jacobson, D. K. Smetters, J. D. Thornton, M. F. Plass, N. H. Briggs, R. L. Braynard, Networking Named Content, in CoNEXT 2009, Rome, December 2009.
    [9] CCNx Node Model.
    [10] Content centric networking (CCNx) project.