Visible to the public Biblio

Filters: Keyword is named data networking  [Clear All Filters]
2021-05-03
Sohail, Muhammad, Zheng, Quan, Rezaiefar, Zeinab, Khan, Muhammad Alamgeer, Ullah, Rizwan, Tan, Xiaobin, Yang, Jian, Yuan, Liu.  2020.  Triangle Area Based Multivariate Correlation Analysis for Detecting and Mitigating Cache Pollution Attacks in Named Data Networking. 2020 3rd International Conference on Hot Information-Centric Networking (HotICN). :114–121.
The key feature of NDN is in-network caching that every router has its cache to store data for future use, thus improve the usage of the network bandwidth and reduce the network latency. However, in-network caching increases the security risks - cache pollution attacks (CPA), which includes locality disruption (ruining the cache locality by sending random requests for unpopular contents to make them popular) and False Locality (introducing unpopular contents in the router's cache by sending requests for a set of unpopular contents). In this paper, we propose a machine learning method, named Triangle Area Based Multivariate Correlation Analysis (TAB-MCA) that detects the cache pollution attacks in NDN. This detection system has two parts, the triangle-area-based MCA technique, and the threshold-based anomaly detection technique. The TAB-MCA technique is used to extract hidden geometrical correlations between two distinct features for all possible permutations and the threshold-based anomaly detection technique. This technique helps our model to be able to distinguish attacks from legitimate traffic records without requiring prior knowledge. Our technique detects locality disruption, false locality, and combination of the two with high accuracy. Implementation of XC-topology, the proposed method shows high efficiency in mitigating these attacks. In comparison to other ML-methods, our proposed method has a low overhead cost in mitigating CPA as it doesn't require attackers' prior knowledge. Additionally, our method can also detect non-uniform attack distributions.
2021-04-08
Yamaguchi, A., Mizuno, O..  2020.  Reducing Processing Delay and Node Load Using Push-Based Information-Centric Networking. 2020 3rd World Symposium on Communication Engineering (WSCE). :59–63.
Information-Centric Networking (ICN) is attracting attention as a content distribution method against increasing network traffic. Content distribution in ICN adopts a pull-type communication method that returns data to Interest. However, in this case, the push-type communication method is advantageous. Therefore, the authors have proposed a method in which a server pushes content to reduce the node load in an environment where a large amount of Interest to specific content occurs in a short time. In this paper, we analyze the packet processing delay time with and without the proposed method in an environment where a router processes a large number of packets using a simulator. Simulation results show that the proposed method can reduce packet processing delay time and node load.
2021-02-22
Suwannasa, A., Broadbent, M., Mauthe, A..  2020.  Vicinity-based Replica Finding in Named Data Networking. 2020 International Conference on Information Networking (ICOIN). :146–151.
In Named Data Networking (NDN) architectures, a content object is located according to the content's identifier and can be retrieved from all nodes that hold a replica of the content. The default forwarding strategy of NDN is to forward an Interest packet along the default path from the requester to the server to find a content object according to its name prefix. However, the best path may not be the default path, since content might also be located nearby. Hence, the default strategy could result in a sub-optimal delivery efficiency. To address this issue we introduce a vicinity-based replica finding scheme. This is based on the observation that content objects might be requested several times. Therefore, replicas can be often cached within a particular neighbourhood and thus it might be efficient to specifically look for them in order to improve the content delivery performance. Within this paper, we evaluate the optimal size of the vicinity within which content should be located (i.e. the distance between the requester and its neighbours that are considered within the content search). We also compare the proposed scheme with the default NDN forwarding strategy with respect to replica finding efficiency and network overhead. Using the proposed scheme, we demonstrate that the replica finding mechanism reduces the delivery time effectively with acceptable overhead costs.
Gündoğan, C., Amsüss, C., Schmidt, T. C., Wählisch, M..  2020.  IoT Content Object Security with OSCORE and NDN: A First Experimental Comparison. 2020 IFIP Networking Conference (Networking). :19–27.
The emerging Internet of Things (IoT) challenges the end-to-end transport of the Internet by low power lossy links and gateways that perform protocol translations. Protocols such as CoAP or MQTT-SN are degraded by the overhead of DTLS sessions, which in common deployment protect content transfer only up to the gateway. To preserve content security end-to-end via gateways and proxies, the IETF recently developed Object Security for Constrained RESTful Environments (OSCORE), which extends CoAP with content object security features commonly known from Information Centric Networks (ICN). This paper presents a comparative analysis of protocol stacks that protect request-response transactions. We measure protocol performances of CoAP over DTLS, OSCORE, and the information-centric Named Data Networking (NDN) protocol on a large-scale IoT testbed in single- and multi-hop scenarios. Our findings indicate that (a) OSCORE improves on CoAP over DTLS in error-prone wireless regimes due to omitting the overhead of maintaining security sessions at endpoints, and (b) NDN attains superior robustness and reliability due to its intrinsic network caches and hop-wise retransmissions.
Nour, B., Khelifi, H., Hussain, R., Moungla, H., Bouk, S. H..  2020.  A Collaborative Multi-Metric Interface Ranking Scheme for Named Data Networks. 2020 International Wireless Communications and Mobile Computing (IWCMC). :2088–2093.
Named Data Networking (NDN) uses the content name to enable content sharing in a network using Interest and Data messages. In essence, NDN supports communication through multiple interfaces, therefore, it is imperative to think of the interface that better meets the communication requirements of the application. The current interface ranking is based on single static metric such as minimum number of hops, maximum satisfaction rate, or minimum network delay. However, this ranking may adversely affect the network performance. To fill the gap, in this paper, we propose a new multi-metric robust interface ranking scheme that combines multiple metrics with different objective functions. Furthermore, we also introduce different forwarding modes to handle the forwarding decision according to the available ranked interfaces. Extensive simulation experiments demonstrate that the proposed scheme selects the best and suitable forwarding interface to deliver content.
Doku, R., Rawat, D. B., Garuba, M., Njilla, L..  2020.  Fusion of Named Data Networking and Blockchain for Resilient Internet-of-Battlefield-Things. 2020 IEEE 17th Annual Consumer Communications Networking Conference (CCNC). :1–6.
Named Data Network's (NDN) data-centric approach makes it a suitable solution in a networking scenario where there are connectivity issues as a result of the dynamism of the network. Coupling of this ability with the blockchain's well-documented immutable trustworthy-distributed ledger feature, the union of blockchain and NDN in an Internet-of-Battlefield-Things (IoBT) setting could prove to be the ideal alliance that would guarantee data exchanged in an IoBT environment is trusted and less susceptible to cyber-attacks and packet losses. Various blockchain technologies, however, require that each node has a ledger that stores information or transactions in a chain of blocks. This poses an issue as nodes in an IoBT setting have varying computing and storage resources. Moreover, most of the nodes in the IoT/IoBT network are plagued with limited resources. As such, there needs to be an approach that ensures that the limited resources of these nodes are efficiently utilized. In this paper, we investigate an approach that merges blockchain and NDN to efficiently utilize the resources of these resource-constrained nodes by only storing relevant information on each node's ledger. Furthermore, we propose a sharding technique called an Interest Group and introduce a novel consensus mechanism called Proof of Common Interest. Performance of the proposed approach is evaluated using numerical results.
Abdelaal, M., Karadeniz, M., Dürr, F., Rothermel, K..  2020.  liteNDN: QoS-Aware Packet Forwarding and Caching for Named Data Networks. 2020 IEEE 17th Annual Consumer Communications Networking Conference (CCNC). :1–9.
Recently, named data networking (NDN) has been introduced to connect the world of computing devices via naming data instead of their containers. Through this strategic change, NDN brings several new features to network communication, including in-network caching, multipath forwarding, built-in multicast, and data security. Despite these unique features of NDN networking, there exist plenty of opportunities for continuing developments, especially with packet forwarding and caching. In this context, we introduce liteNDN, a novel forwarding and caching strategy for NDN networks. liteNDN comprises a cooperative forwarding strategy through which NDN routers share their knowledge, i.e. data names and interfaces, to optimize their packet forwarding decisions. Subsequently, liteNDN leverages that knowledge to estimate the probability of each downstream path to swiftly retrieve the requested data. Additionally, liteNDN exploits heuristics, such as routing costs and data significance, to make proper decisions about caching normal as well as segmented packets. The proposed approach has been extensively evaluated in terms of the data retrieval latency, network utilization, and the cache hit rate. The results showed that liteNDN, compared to conventional NDN forwarding and caching strategies, achieves much less latency while reducing the unnecessary traffic and caching activities.
Alzakari, N., Dris, A. B., Alahmadi, S..  2020.  Randomized Least Frequently Used Cache Replacement Strategy for Named Data Networking. 2020 3rd International Conference on Computer Applications Information Security (ICCAIS). :1–6.
To accommodate the rapidly changing Internet requirements, Information-Centric Networking (ICN) was recently introduced as a promising architecture for the future Internet. One of the ICN primary features is `in-network caching'; due to its ability to minimize network traffic and respond faster to users' requests. Therefore, various caching algorithms have been presented that aim to enhance the network performance using different measures, such as cache hit ratio and cache hit distance. Choosing a caching strategy is critical, and an adequate replacement strategy is also required to decide which content should be dropped. Thus, in this paper, we propose a content replacement scheme for ICN, called Randomized LFU that is implemented with respect to content popularity taking the time complexity into account. We use Abilene and Tree network topologies in our simulation models. The proposed replacement achieves encouraging results in terms of the cache hit ratio, inner hit, and hit distance and it outperforms FIFO, LRU, and Random replacement strategies.
Afanasyev, A., Ramani, S. K..  2020.  NDNconf: Network Management Framework for Named Data Networking. 2020 IEEE International Conference on Communications Workshops (ICC Workshops). :1–6.
The rapid growth of the Internet is, in part, powered by the broad participation of numerous vendors building network components. All these network devices require that they be properly configured and maintained, which creates a challenge for system administrators of complex networks with a growing variety of heterogeneous devices. This challenge is true for today's networks, as well as for the networking architectures of the future, such as Named Data Networking (NDN). This paper gives a preliminary design of an NDNconf framework, an adaptation of a recently developed NETCONF protocol, to realize unified configuration and management for NDN. The presented design is built leveraging the benefits provided by NDN, including the structured naming shared among network and application layers, stateful data retrieval with name-based interest forwarding, in-network caching, data-centric security model, and others. Specifically, the configuration data models, the heart of NDNconf, the elements of the models and models themselves are represented as secured NDN data, allowing fetching models, fetching configuration data that correspond to elements of the model, and issuing commands using the standard Interest-Data exchanges. On top of that, the security of models, data, and commands are realized through native data-centric NDN mechanisms, providing highly secure systems with high granularity of control.
Li, Y., Liu, Y., Wang, Y., Guo, Z., Yin, H., Teng, H..  2020.  Synergetic Denial-of-Service Attacks and Defense in Underwater Named Data Networking. IEEE INFOCOM 2020 - IEEE Conference on Computer Communications. :1569–1578.
Due to the harsh environment and energy limitation, maintaining efficient communication is crucial to the lifetime of Underwater Sensor Networks (UWSN). Named Data Networking (NDN), one of future network architectures, begins to be applied to UWSN. Although Underwater Named Data Networking (UNDN) performs well in data transmission, it still faces some security threats, such as the Denial-of-Service (DoS) attacks caused by Interest Flooding Attacks (IFAs). In this paper, we present a new type of DoS attacks, named as Synergetic Denial-of-Service (SDoS). Attackers synergize with each other, taking turns to reply to malicious interests as late as possible. SDoS attacks will damage the Pending Interest Table, Content Store, and Forwarding Information Base in routers with high concealment. Simulation results demonstrate that the SDoS attacks quadruple the increased network traffic compared with normal IFAs and the existing IFA detection algorithm in UNDN is completely invalid to SDoS attacks. In addition, we analyze the infection problem in UNDN and propose a defense method Trident based on carefully designed adaptive threshold, burst traffic detection, and attacker identification. Experiment results illustrate that Trident can effectively detect and resist both SDoS attacks and normal IFAs. Meanwhile, Trident can robustly undertake burst traffic and congestion.
Song, Z., Kar, P..  2020.  Name-Signature Lookup System: A Security Enhancement to Named Data Networking. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1444–1448.
Named Data Networking (NDN) is a content-centric networking, where the publisher of the packet signs and encapsulates the data packet with a name-content-signature encryption to verify the authenticity and integrity of itself. This scheme can solve many of the security issues inherently compared to IP networking. NDN also support mobility since it hides the point-to-point connection details. However, an extreme attack takes place when an NDN consumer newly connects to a network. A Man-in-the-middle (MITM) malicious node can block the consumer and keep intercepting the interest packets sent out so as to fake the corresponding data packets signed with its own private key. Without knowledge and trust to the network, the NDN consumer can by no means perceive the attack and thus exposed to severe security and privacy hazard. In this paper, the Name-Signature Lookup System (NSLS) and corresponding Name-Signature Lookup Protocol (NSLP) is introduced to verify packets with their registered genuine publisher even in an untrusted network with the help of embedded keys inside Network Interface Controller (NIC), by which attacks like MITM is eliminated. A theoretical analysis of comparing NSLS with existing security model is provided. Digest algorithm SHA-256 and signature algorithm RSA are used in the NSLP model without specific preference.
Yan, Z., Park, Y., Leau, Y., Ren-Ting, L., Hassan, R..  2020.  Hybrid Network Mobility Support in Named Data Networking. 2020 International Conference on Information Networking (ICOIN). :16–19.
Named Data Networking (NDN) is a promising Internet architecture which is expected to solve some problems (e.g., security, mobility) of the current TCP/IP architecture. The basic concept of NDN is to use named data for routing instead of using location addresses like IP address. NDN natively supports consumer mobility, but producer mobility is still a challenge and there have been quite a few researches. Considering the Internet connection such as public transport vehicles, network mobility support in NDN is important, but it is still a challenge. That is the reason that this paper proposes an efficient network mobility support scheme in NDN in terms of signaling protocols and data retrieval.
2020-09-08
Campioni, Lorenzo, Tortonesi, Mauro, Wissingh, Bastiaan, Suri, Niranjan, Hauge, Mariann, Landmark, Lars.  2019.  Experimental Evaluation of Named Data Networking (NDN) in Tactical Environments. MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM). :43–48.
Tactical edge networks represent a uniquely challenging environment from the communications perspective, due to their limited bandwidth and high node mobility. Several middleware communication solutions have been proposed to address those issues, adopting an evolutionary design approach that requires facing quite a few complications to provide applications with a suited network programming model while building on top of the TCP/IP stack. Information Centric Networking (ICN), instead, represents a revolutionary, clean slate approach that aims at replacing the entire TCP/IP stack with a new communication paradigm, better suited to cope with fluctuating channel conditions and network disruptions. This paper, stemmed from research conducted within NATO IST-161 RTG, investigates the effectiveness of Named Data Networking (NDN), the de facto standard implementation of ICN, in the context of tactical edge networks and its potential for adoption. We evaluated an NDN-based Blue Force Tracking (BFT) dissemination application within the Anglova scenario emulation environment, and found that NDN obtained better-than-expected results in terms of delivery ratio and latency, at the expense of a relatively high bandwidth consumption.
2020-07-24
Wu, Zhijun, Xu, Enzhong, Liu, Liang, Yue, Meng.  2019.  CHTDS: A CP-ABE Access Control Scheme Based on Hash Table and Data Segmentation in NDN. 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :843—848.

For future Internet, information-centric networking (ICN) is considered a potential solution to many of its current problems, such as content distribution, mobility, and security. Named Data Networking (NDN) is a more popular ICN project. However, concern regarding the protection of user data persists. Information caching in NDN decouples content and content publishers, which leads to content security threats due to lack of secure controls. Therefore, this paper presents a CP-ABE (ciphertext policy attribute based encryption) access control scheme based on hash table and data segmentation (CHTDS). Based on data segmentation, CHTDS uses a method of linearly splitting fixed data blocks, which effectively improves data management. CHTDS also introduces CP-ABE mechanism and hash table data structure to ensure secure access control and privilege revocation does not need to re-encrypt the published content. The analysis results show that CHTDS can effectively realize the security and fine-grained access control in the NDN environment, and reduce communication overhead for content access.

2020-06-22
Arji, Dian Abadi, Rukmana, Fandhy Bayu, Sari, Riri Fitri.  2019.  A Design of Digital Signature Mechanism in NDN-IP Gateway. 2019 International Conference on Information and Communications Technology (ICOIACT). :255–260.
Named Data Networking (NDN) is a new network architecture that has been projected as the future of internet architecture. Unlike the traditional internet approach which currently relies on client-server communication models to communicate each other, NDN relies on data as an entity. Hence the users only need the content and applications based on data naming, as there is no IP addresses needed. NDN is different than TCP/IP technology as NDN signs the data with Digital Signature to secure each data authenticity. Regarding huge number of uses on IP-based network, and the minimum number of NDN-based network implementation, the NDN-IP gateway are needed to map and forward the data from IP-based network to NDN-based network, and vice versa. These gateways are called Custom-Router Gateway in this study. The Custom-Router Gateway requires a new mechanism in conducting Digital Signature so that authenticity the data can be verified when it passes through the NDN-IP Custom-Router Gateway. This study propose a method to process the Digital Signature for the packet flows from IP-based network through NDN-based network. Future studies are needed to determine the impact of Digital Signature processing on the performance in forwarding the data from IP-based to NDN-based network and vice versa.
2020-05-29
Tseng, Yi-Fan, Fan, Chun-I, Wu, Chin-Yu.  2019.  FGAC-NDN: Fine-Grained Access Control for Named Data Networks. IEEE Transactions on Network and Service Management. 16:143—152.

Named data network (NDN) is one of the most promising information-centric networking architectures, where the core concept is to focus on the named data (or contents) themselves. Users in NDN can easily send a request packet to get the desired content regardless of its address. The routers in NDN have cache functionality to make the users instantly retrieve the desired file. Thus, the user can immediately get the desired file from the nearby nodes instead of the remote host. Nevertheless, NDN is a novel proposal and there are still some open issues to be resolved. In view of previous research, it is a challenge to achieve access control on a specific user and support potential receivers simultaneously. In order to solve it, we present a fine-grained access control mechanism tailored for NDN, supporting data confidentiality, potential receivers, and mobility. Compared to previous works, this is the first to support fine-grained access control and potential receivers. Furthermore, the proposed scheme achieves provable security under the DBDH assumption.

Sattar, Muhammad Umar, Rehman, Rana Asif.  2019.  Interest Flooding Attack Mitigation in Named Data Networking Based VANETs. 2019 International Conference on Frontiers of Information Technology (FIT). :245—2454.

Nowadays network applications have more focus on content distribution which is hard to tackle in IP based Internet. Information Centric Network (ICN) have the ability to overcome this problem for various scenarios, specifically for Vehicular Ad Hoc Networks (VANETs). Conventional IP based system have issues like mobility management hence ICN solve this issue because data fetching is not dependent on a particular node or physical location. Many initial investigations have performed on an instance of ICN commonly known as Named Data Networking (NDN). However, NDN exposes the new type of security susceptibilities, poisoning cache attack, flooding Interest attack, and violation of privacy because the content in the network is called by the name. This paper focused on mitigation of Interest flooding attack by proposing new scheme, named Interest Flooding Attack Mitigation Scheme (IFAMS) in Vehicular Named Data Network (VNDN). Simulation results depict that proposed IFAMS scheme mitigates the Interest flooding attack in the network.

2020-05-26
Ostrovskaya, Svetlana, Surnin, Oleg, Hussain, Rasheed, Bouk, Safdar Hussain, Lee, JooYoung, Mehran, Narges, Ahmed, Syed Hassan, Benslimane, Abderrahim.  2018.  Towards Multi-metric Cache Replacement Policies in Vehicular Named Data Networks. 2018 IEEE 29th Annual International Symposium on Personal, Indoor and Mobile Radio Communications (PIMRC). :1–7.
Vehicular Named Data Network (VNDN) uses NDN as an underlying communication paradigm to realize intelligent transportation system applications. Content communication is the essence of NDN, which is primarily carried out through content naming, forwarding, intrinsic content security, and most importantly the in-network caching. In vehicular networks, vehicles on the road communicate with other vehicles and/or infrastructure network elements to provide passengers a reliable, efficient, and infotainment-rich commute experience. Recently, different aspects of NDN have been investigated in vehicular networks and in vehicular social networks (VSN); however, in this paper, we investigate the in-network caching, realized in NDN through the content store (CS) data structure. As the stale contents in CS do not just occupy cache space, but also decrease the overall performance of NDN-driven VANET and VSN applications, therefore the size of CS and the content lifetime in CS are primary issues in VNDN communications. To solve these issues, we propose a simple yet efficient multi-metric CS management mechanism through cache replacement (M2CRP). We consider the content popularity, relevance, freshness, and distance of a node to devise a set of algorithms for selection of the content to be replaced in CS in the case of replacement requirement. Simulation results show that our multi-metric strategy outperforms the existing cache replacement mechanisms in terms of Hit Ratio.
2020-04-06
Hu, Xiaoyan, Zheng, Shaoqi, Zhao, Lixia, Cheng, Guang, Gong, Jian.  2019.  Exploration and Exploitation of Off-path Cached Content in Network Coding Enabled Named Data Networking. 2019 IEEE 27th International Conference on Network Protocols (ICNP). :1—6.

Named Data Networking (NDN) intrinsically supports in-network caching and multipath forwarding. The two salient features offer the potential to simultaneously transmit content segments that comprise the requested content from original content publishers and in-network caches. However, due to the complexity of maintaining the reachability information of off-path cached content at the fine-grained packet level of granularity, the multipath forwarding and off-path cached copies are significantly underutilized in NDN so far. Network coding enabled NDN, referred to as NC-NDN, was proposed to effectively utilize multiple on-path routes to transmit content, but off-path cached copies are still unexploited. This work enhances NC-NDN with an On-demand Off-path Cache Exploration based Multipath Forwarding strategy, dubbed as O2CEMF, to take full advantage of the multipath forwarding to efficiently utilize off-path cached content. In O2CEMF, each network node reactively explores the reachability information of nearby off-path cached content when consumers begin to request a generation of content, and maintains the reachability at the coarse-grained generation level of granularity instead. Then the consumers simultaneously retrieve content from the original content publisher(s) and the explored capable off-path caches. Our experimental studies validate that this strategy improves the content delivery performance efficiently as compared to that in the present NC-NDN.

Boussaha, Ryma, Challal, Yacine, Bouabdallah, Abdelmadjid.  2018.  Authenticated Network Coding for Software-Defined Named Data Networking. 2018 IEEE 32nd International Conference on Advanced Information Networking and Applications (AINA). :1115–1122.
Named Data Networking (or NDN) represents a potential new approach to the current host based Internet architecture which prioritize content over the communication between end nodes. NDN relies on caching functionalities and local data storage, such as a content request could be satisfied by any node holding a copy of the content in its storage. Due to the fact that users in the same network domain can share their cached content with each other and in order to reduce the transmission cost for obtaining the desired content, a cooperative network coding mechanism is proposed in this paper. We first formulate our optimal coding and homomorphic signature scheme as a MIP problem and we show how to leverage Software Defined Networking to provide seamless implementation of the proposed solution. Evaluation results demonstrate the efficiency of the proposed coding scheme which achieves better performance than conventional NDN with random coding especially in terms of transmission cost and security.
2020-03-02
Ullah, Rehmat, Ur Rehman, Muhammad Atif, Kim, Byung-Seo, Sonkoly, Balázs, Tapolcai, János.  2019.  On Pending Interest Table in Named Data Networking based Edge Computing: The Case of Mobile Augmented Reality. 2019 Eleventh International Conference on Ubiquitous and Future Networks (ICUFN). :263–265.
Future networks require fast information response time, scalable content distribution, security and mobility. In order to enable future Internet many key enabling technologies have been proposed such as Edge computing (EC) and Named Data Networking (NDN). In EC substantial compute and storage resources are placed at the edge of the network, in close proximity to end users. Similarly, NDN provides an alternative to traditional host centric IP architecture which seems a perfect candidate for distributed computation. Although NDN with EC seems a promising approach for enabling future Internet, it can cause various challenges such as expiry time of the Pending Interest Table (PIT) and non-trivial computation of the edge node. In this paper we discuss the expiry time and non-trivial computation in NDN based EC. We argue that if NDN is integrated in EC, then the PIT expiry time will be affected in relation with the processing time on the edge node. Our analysis shows that integrating NDN in EC without considering PIT expiry time may result in the degradation of network performance in terms of Interest Satisfaction Rate.
2020-01-21
Hu, Xiaoyan, Zheng, Shaoqi, Gong, Jian, Cheng, Guang, Zhang, Guoqiang, Li, Ruidong.  2019.  Enabling Linearly Homomorphic Signatures in Network Coding-Based Named Data Networking. Proceedings of the 14th International Conference on Future Internet Technologies. :1–4.

Network coding has been proposed to be built into Named Data Networking (NDN) for achieving efficient simultaneous content delivery. Network coding allows intermediate nodes to perform arbitrary coding operations on Data packets. One salient feature of NDN is its content-based security by protecting each Data packet with a signature signed by its publisher. However, in the network coding-based NDN, it remains unclear how to securely and efficiently sign a recoded Data packet at an intermediate router. This work proposes a mechanism to enable linearly homomorphic signatures in network coding-based NDN so as to directly generate a signature for a recoded Data packet by combining the signatures of those Data packets on which the recoding operation is performed.

Mai, Hoang Long, Aouadj, Messaoud, Doyen, Guillaume, Mallouli, Wissam, de Oca, Edgardo Montes, Festor, Olivier.  2019.  Toward Content-Oriented Orchestration: SDN and NFV as Enabling Technologies for NDN. 2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM). :594–598.
Network Function Virtualization (NFV) is a novel paradigm which enables the deployment of network functions on commodity hardware. As such, it also stands for a deployment en-abler for any novel networking function or networking paradigm such as Named Data Networking (NDN), the most promising solution relying on the Information-Centric Networking (ICN) paradigm. However, dedicated solutions for the security and performance orchestration of such an emerging paradigm are still lacking thus preventing its adoption by network operators. In this paper, we propose a first step toward a content-oriented orchestration whose purpose is to deploy, manage and secure an NDN virtual network. We present the way we leverage the TOSCA standard, using a crafted NDN oriented extension to enable the specification of both deployment and operational behavior requirements of NDN services. We also highlight NDN-related security and performance policies to produce counter-measures against anomalies that can either come from attacks or performance incidents.
Benmoussa, Ahmed, Tahari, Abdou el Karim, Lagaa, Nasreddine, Lakas, Abderrahmane, Ahmad, Farhan, Hussain, Rasheed, Kerrache, Chaker Abdelaziz, Kurugollu, Fatih.  2019.  A Novel Congestion-Aware Interest Flooding Attacks Detection Mechanism in Named Data Networking. 2019 28th International Conference on Computer Communication and Networks (ICCCN). :1–6.
Named Data Networking (NDN) is a promising candidate for future internet architecture. It is one of the implementations of the Information-Centric Networking (ICN) architectures where the focus is on the data rather than the owner of the data. While the data security is assured by definition, these networks are susceptible of various Denial of Service (DoS) attacks, mainly Interest Flooding Attacks (IFA). IFAs overwhelm an NDN router with a huge amount of interests (Data requests). Various solutions have been proposed in the literature to mitigate IFAs; however; these solutions do not make a difference between intentional and unintentional misbehavior due to the network congestion. In this paper, we propose a novel congestion-aware IFA detection and mitigation solution. We performed extensive simulations and the results clearly depict the efficiency of our proposal in detecting truly occurring IFA attacks.
2019-12-05
Campioni, Lorenzo, Hauge, Mariann, Landmark, Lars, Suri, Niranjan, Tortonesi, Mauro.  2019.  Considerations on the Adoption of Named Data Networking (NDN) in Tactical Environments. 2019 International Conference on Military Communications and Information Systems (ICMCIS). :1-8.

Mobile military networks are uniquely challenging to build and maintain, because of their wireless nature and the unfriendliness of the environment, resulting in unreliable and capacity limited performance. Currently, most tactical networks implement TCP/IP, which was designed for fairly stable, infrastructure-based environments, and requires sophisticated and often application-specific extensions to address the challenges of the communication scenario. Information Centric Networking (ICN) is a clean slate networking approach that does not depend on stable connections to retrieve information and naturally provides support for node mobility and delay/disruption tolerant communications - as a result it is particularly interesting for tactical applications. However, despite ICN seems to offer some structural benefits for tactical environments over TCP/IP, a number of challenges including naming, security, performance tuning, etc., still need to be addressed for practical adoption. This document, prepared within NATO IST-161 RTG, evaluates the effectiveness of Named Data Networking (NDN), the de facto standard implementation of ICN, in the context of tactical edge networks and its potential for adoption.