Abstract
Secure search query routing is a long-standing problem in distributed networks, which has often been addressed using “all-or-nothing” approaches, that require either full anonymity and encrypted routing or full trust on the routing nodes. An important problem with secure routing is how to guarantee the search query is transmitted in an expected way. In this paper, we tackle the problem of secure routing by considering a generic policy-driven routing approach, and focus on the steps required to verify in a fully distributed manner that a search query is routed in accordance to a requester’s preferences and detect cheating nodes. We present an efficient and effective verification method for query routes, that is agnostic to the specific routing algorithm being used and achieves strong security guarantees. We cast our approach in the context of content dissemination networks (CDN) and show through experimental evaluations the performance of our approach.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Examples of categories in T are Standard Industrial Classification (SIC), or the North American Industry Classification System (NAICS).
- 2.
If \(NHop=*\), we consider it is infinitely large.
- 3.
The symbol \(\alpha \) is abused here to denote the confidence threshold in dishonesty detection.
- 4.
We need to restrict that \(x\le n-m\) in our models. This is because, we can always detect non-compliant nodes if we test more than \(n-m\) nodes.
- 5.
If a non-exhaustive search algorithm is used, the requestor would expect at least k responses, where k is to be determined according to the routing scheme employed by the network.
References
Androutsellis-Theotokis, S., Spinellis, D.: A survey of peer-to-peer content distribution technologies. ACM Comput. Surv. (CSUR) 36(4), 335–371 (2004)
Arai, B., Das, G., Gunopulos, D., Kalogeraki, V.: Efficient approximate query processing in peer-to-peer networks. IEEE Trans. Knowl. Data Eng. 19(7), 919–933 (2007)
Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: SP 2007: Proceedings of the 2007 IEEE Symposium on Security and Privacy, pp. 321–334. IEEE Computer Society (2007)
Compagno, A., Conti, M., Gasti, P., Tsudik, G.: Poseidon: mitigating interest flooding ddos attacks in named data networking. In: 2013 IEEE 38th Conference on Local Computer Networks (LCN), pp. 630–638, October 2013
Durr, M., Maier, M., Wiesner, K.: An analysis of query forwarding strategies for secure and privacy-preserving social networks. In: 2012 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM), pp. 535–542, August 2012
Fox, E.A., Chen, Q.F., Daoud, A.M., Heath, L.S.: Order preserving minimal perfect hash functions and information retrieval. In: Proceedings of the 13th Annual International ACM SIGIR Conference on Research and Development in Information Retrieval, pp. 279–311. ACM (1990)
Gasti, P., Tsudik, G., Uzun, E., Zhang, L.: Dos and ddos in named data networking. In: 2013 22nd International Conference on Computer Communications and Networks (ICCCN), pp. 1–7, July 2013
Gentry, C., Ramzan, Z.: Identity-based aggregate signatures. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 257–273. Springer, Heidelberg (2006)
Goergen, D., Cholez, T., Fran, J., Engel, T.: Security monitoring for content-centric networking (2012)
Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 89–98. ACM (2006)
Karumanchi, S., Squicciarini, A.C., Carminati, B.: Policy-compliant search query routing for web service discovery in peer to peer networks. In: International Conference on Web-Services, pp. 387–394 (2013)
Karumanchi, S., Squicciarini, A., Lin, D.: Selective and confidential message exchange in vehicular ad hoc networks. In: Xu, L., Bertino, E., Mu, Y. (eds.) NSS 2012. LNCS, vol. 7645, pp. 445–461. Springer, Heidelberg (2012)
Khan, S., Cholez, T., Engel, T., Lavagno, L.: A key management scheme for content centric networking. In: 2013 IFIP/IEEE International Symposium on Integrated Network Management (IM 2013), pp. 828–831, May 2013
Li, X., Wu, J.: Cluster-based intelligent searching in unstructured peer-to-peer networks. In: 2005 25th IEEE International Conference on Distributed Computing Systems Workshops, pp. 642–645, June 2005
Misra, S., Tourani, R., Majd, N.E.: Secure content delivery in information-centric networks: design, implementation, and analyses. In: Proceedings of the 3rd ACM SIGCOMM Workshop on Information-centric Networking, pp. 73–78. ACM (2013)
Mizrak, A., Cheng, Y.C., Marzullo, K., Savage, S.: Fatih: detecting and isolating malicious routers. In: 2005 Proceedings of International Conference on Dependable Systems and Networks, DSN 2005, pp. 538–547, June 2005
Padmanabhan, V.N., Simon, D.R.: Secure traceroute to detect faulty or malicious routing. SIGCOMM Comput. Commun. Rev. 33(1), 77–82 (2003)
Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005)
Salmanian, M., Li, M.: Enabling secure and reliable policy-based routing in manets. In: Military Communications Conference - MILCOM 2012, pp. 1–7 (2012)
Vishnu, V., Senthilkumar, N.C.: An intelligent approach to query processing in peer to peer networks. Int. J. Comput. Sci. Issues 9(3), 1–4 (2012)
Wang, J., Wang, J., Yu, N., Li, S.: Order preserving hashing for approximate nearest neighbor search. In: Proceedings of the 21st ACM International Conference on Multimedia, pp. 133–142. ACM (2013)
Wang, S., Ooi, B.C., Tung, A., Xu, L.: Efficient skyline query processing on peer-to-peer networks. In: 2007 IEEE 23rd International Conference on Data Engineering, ICDE 2007, pp. 1126–1135, April 2007
Zhang, X., Chang, K., Xiong, H., Wen, Y., Shi, G., Wang, G.: Towards name-based trust and security for content-centric network. In: 2011 19th IEEE International Conference on Network Protocols (ICNP), pp. 1–6, October 2011
Acknowledgement
Portion of the work from Dr. Squicciarini was funded under the auspices of National Science Foundation, Grant #1250319.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Karumanchi, S., Li, J., Squicciarini, A. (2015). Securing Resource Discovery in Content Hosting Networks. In: Tian, J., Jing, J., Srivatsa, M. (eds) International Conference on Security and Privacy in Communication Networks. SecureComm 2014. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 152. Springer, Cham. https://doi.org/10.1007/978-3-319-23829-6_12
Download citation
DOI: https://doi.org/10.1007/978-3-319-23829-6_12
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-23828-9
Online ISBN: 978-3-319-23829-6
eBook Packages: Computer ScienceComputer Science (R0)