Abstract
The Information-Centric Network (ICN) paradigm is a future Internet approach aiming to tackle the Internet architectural problems and inefficiencies, by swapping the main entity of the network architecture from hosts to content items. In ICN, content names play a central role: Each content gets a unique name at the network layer, and this name is used for routing the content over the network. This paradigm change potentially enables a future Internet with better performance, reliability, scalability, and suitability for wireless and mobile communication. It also provides new intrinsic means to deal with some popular attacks on the Internet architecture, such as denial of service. However, this new paradigm also represents new challenges related to security that need to be addressed, to ensure its capability to support current and future Internet requirements. This article surveys and summarizes ongoing research concerning security aspects of ICNs, discussing vulnerabilities, attacks, and proposed solutions to mitigate them. We also discuss open challenges and propose future directions regarding research in ICN security.
- Eslam AbdAllah, Hossam Hassanein, and Mohammad Zulkernine. 2015. A survey of security attacks in information-centric networking. IEEE Communications Surveys Tutorials 17, 3 (2015), 1441--1454.Google ScholarDigital Library
- Gergely Acs, Mauro Conti, Paolo Gasti, Cesar Ghali, and Gene Tsudik. 2013. Cache privacy in named-data networking. In International Conference on Distributed Computing Systems (ICDCS’13). IEEE, 41--51.Google ScholarDigital Library
- Alexander Afanasyev, Priya Mahadevan, Ilya Moiseenko, Ersin Uzun, and Lixia Zhang. 2013. Interest flooding attack and countermeasures in named data networking. In International Conference on Networking (Networking’13). IFIP, 1--9.Google Scholar
- Alexander Afanasyev, Cheng Yi, Lan Wang, Beichuan Zhang, and Lixia Zhang. 2015. SNAMP: Secure namespace mapping to scale NDN forwarding. In IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). IEEE, 281--286.Google ScholarCross Ref
- Bengt Ahlgren, Christian Dannewitz, Claudio Imbrenda, Dirk Kutscher, and Börje Ohlman. 2012. A survey of information-centric networking. IEEE Communications Magazine 50, 7 (2012), 26--36.Google ScholarCross Ref
- Samir Al-Sheikh, Matthias Wählisch, and Thomas C. Schmidt. 2015. Revisiting countermeasures against NDN interest flooding. In ACM Conference on Information-Centric Networking (ICN’15). ACM, 195--196.Google Scholar
- Bander Alzahrani, Vassilios Vassilakis, and Martin Reed. 2013. Key management in information centric networking. International Journal of Computer Networks and Communications (IJCNC) 5 (2013), 153--166.Google ScholarCross Ref
- Bander Alzahrani, Vassilios Vassilakis, and Martin Reed. 2013. Mitigating brute-force attacks on Bloom-filter based forwarding. In Conference on Future Internet Communications (CFIC’13). IEEE, 1--7.Google ScholarCross Ref
- Bander Alzahrani, Vassilios Vassilakis, and Martin Reed. 2013. Securing the forwarding plane in information centric networks. In Computer Science and Electronic Engineering Conference (CEEC’13). IEEE, 174--178.Google ScholarCross Ref
- Somaya Arianfar, Teemu Koponen, Barath Raghavan, and Scott Shenker. 2011. On preserving privacy in content-oriented networks. In ACM SIGCOMM Workshop on ICN (ICN’11). ACM, 19--24.Google ScholarDigital Library
- Giuseppe Ateniese, Kevin Fu, Matthew Green, and Susan Hohenberger. 2006. Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Transactions on Information System Security 9, 1 (2006), 1--30.Google ScholarDigital Library
- Mohammed Bari, Shihabur Chowdhury, Reaz Ahmed, Raouf Boutaba, and Bertrand Mathieu. 2012. A survey of naming and routing in information-centric networks. IEEE Communications Magazine 50, 12 (2012), 44--53.Google ScholarCross Ref
- Mark Baugher, Bruce Davie, Ashok Narayanan, and David Oran. 2012. Self-verifying names for read-only named data. In Conference on Computer Communications Workshops (INFOCOM). IEEE, 274--279.Google ScholarCross Ref
- Flavio Bonomi, Michael Mitzenmacher, Rina Panigrahy, Sushil Singh, and George Varghese. 2006. An improved construction for counting bloom filters. In Annual European Symposium on Algorithms (ESA’06). Springer, Zurich, Switzerland, 684--695.Google ScholarDigital Library
- Jeff Burke, Paolo Gasti, Naveen Nathan, and Gene Tsudik. 2014. Secure sensing over named data networking. In International Symposium on Network Computing and Applications (NCA’14). IEEE, 175--180.Google ScholarDigital Library
- Abdelberi Chaabane, Mohamed Ali De Cristofaro, Emiliano andiaafar, and Ersin Uzun. 2013. Privacy in content-oriented networking: Threats and Countermeasures. SIGCOMM Computer Communications Review 43, 3 (2013), 25--33. Google ScholarDigital Library
- Tao Chen, Kai Lei, and Kuai Xu. 2014. An encryption and probability based access control model for named data networking. In IEEE International Performance Computing and Communication Conference (IPCCC’14). IEEE, 1--8.Google ScholarCross Ref
- Seungoh Choi, Kwangsoo Kim, Seongmin Kim, and Byeong hee Roh. 2013. Threat of DoS by interest flooding attack in content-centric networking. In International Conference on Information Networking (ICOIN’13). IEEE, 315--319.Google Scholar
- Dwaine Clarke, Jean-Emile Elien, Carl Ellison, Matt Fredette, Alexander Morcos, and Ronald Rivest. 2001. Certificate chain discovery in SPKI/SDSI. Journal of Computer Security 9, 4 (2001), 285--322. Google ScholarCross Ref
- Alberto Compagno, Mauro Conti, Paolo Gasti, Luigi Vicenzo Mancini, and Gene Tsudik. 2015. Violating consumer anonymity: Geo-locating nodes in named data networking. In International Conference on Applied Cryptography and Network Security (ACNS’15). Springer.Google ScholarCross Ref
- Alberto Compagno, Mauro Conti, Paolo Gasti, and Gene Tsudik. 2013. Poseidon: Mitigating interest flooding DDoS attacks in named data networking. In Conference on Local Computer Networks (LCN’13). IEEE, 1--9.Google ScholarCross Ref
- Mauro Conti, Paolo Gasti, and Marco Teoli. 2013. A lightweight mechanism for detection of cache pollution attacks in named data networking. Computer Networks 57, 16 (2013), 3178--3191. Google ScholarDigital Library
- Huichen Dai, Yi Wang, Jindou Fan, and Bin Liu. 2013. Mitigate DDoS attacks in NDN by interest traceback. In IEEE International Workshop on Emerging Design Choices in Name-Oriented Networking (NOMEN’13). IEEE, 381--386.Google ScholarCross Ref
- Christian Dannewitz, Jovan Golić, Börje Ohlman, and Bengt Ahlgren. 2010. Secure naming for a network of information. In IEEE Conference on Computer Communications Workshops (INFOCOM’10). IEEE, 1--6.Google ScholarCross Ref
- Christian Dannewitz, Dirk Kutscher, Börje Ohlman, Stephen Farrell, Bengt Ahlgren, and Holger Karl. 2013. Network of information (NetInf) - An information-centric networking architecture. Comp. Communications 36, 7 (2013), 721--735. Google ScholarDigital Library
- Steve DiBenedetto, Paolo Gasti, Gene Tsudik, and Ersin Uzun. 2012. ANDaNA: Anonymous named data networking application. In Network and Distributed System Security Symposium (NDSS’12). Internet Society.Google Scholar
- Stephanie DiBenedetto and Christos Papadopoulos. 2016. Mitigating poisoned content with forwarding strategy. In Conference on Computer Communications Workshops. IEEE, 164--169.Google ScholarCross Ref
- Onyekachi O. Elechi, Joseph S. Igwe, and Elias C. Eze. 2014. Denial of service in internet protocol network and information centric network: An impediment to network quality of service. Journal of Information Engineering and Applications 4 (2014), 14--24.Google Scholar
- Stephen Farrell, Dirk Kutscher, Christian Dannewitz, Börje Ohlman, Ari Keränen, and Phillip Hallam-Baker. 2013. Naming Things with Hashes. RFC 6920.Google Scholar
- Nikos Fotiou, Giannis F. Marias, and George C. Polyzos. 2010. Towards a secure rendezvous network for future publish/subscribe architectures. In Future Internet Symposium (FIS’10). Springer, Berlin, Germany, 49--56.Google Scholar
- Nikos Fotiou, Giannis F. Marias, and George C. Polyzos. 2012. Access control enforcement delegation for information-centric networking architectures. In ACM SIGCOMM Workshop on ICN (ICN’12). ACM, 85--90.Google Scholar
- Nikos Fotiou, Yannis Thomas, Vasilios A. Siris, and George C. Polyzos. 2014. Security requirements and solutions for integrated satellite-terrestrial information-centric networks. In Advanced Satellite Multimedia Systems Conference, Signal Processing for Space Communications Workshop (ASMS/SPSC). IEEE, 1--8.Google Scholar
- Nikos Fotiou, Dirk Trossen, Giannis Marias, Alexandros Kostopoulos, and George Polyzos. 2013. Enhancing information lookup privacy through homomorphic encryption. Journal of Security and Communication Networks 7 (2013), 2804--2814.Google ScholarCross Ref
- Paolo Gasti, Gene Tsudik, Ersin Uzun, and Lixia Zhang. 2012. DoS and DDoS in named-data networking. In International Conference on Computer Communications and Networks (ICCCN’13). IEEE, 1--7.Google Scholar
- Cesar Ghali, Ashok Narayanan, David Oran, and Gene Tsudik. 2014. Secure Fragmentation for Content-Centric Networks. http://arxiv.org/abs/1405.2861.Google Scholar
- Cesar Ghali, Marc A. Schlosberg, Gene Tsudik, and Christopher A. Wood. 2015. Interest-based access control for content centric networks. In ACM Conference on Information-Centric Networking (ICN’15). ACM, 147--158.Google Scholar
- Cesar Ghali, Gene Tsudik, and Ersin Uzun. 2014. Elements of trust in named-data and content-centric networking. ACM SIGCOMM Computer Communication Review 44, 5 (2014), 1--10.Google ScholarDigital Library
- Cesar Ghali, Gene Tsudik, and Ersin Uzun. 2014. Needle in a haystack: Mitigating content poisoning in named-data networking. In Workshop on Security of Emerging Networking Technologies (SENT’14). Internet Society, 1--10.Google ScholarCross Ref
- Cesar Ghali, Gene Tsudik, and Ersin Uzun. 2014. Network-layer trust in named-data networking. SIGCOMM Computer Communications Review 44, 5 (2014), 12--19. Google ScholarDigital Library
- Cesar Ghali, Gene Tsudik, Ersin Uzun, and Christopher A. Wood. 2015. Living in a PIT-less world: A case against stateful forwarding in content-centric networking. ArXiv 1512, 07755 (2015), 1--10. http://arxiv.org/abs/1512.07755.Google Scholar
- Cesar Ghali, Gene Tsudik, and Christopher Wood. 2016. Network names in content-centric networking. In 3rd ACM Conference on Information-Centric Networking (ACM-ICN’16). ACM, 132--141.Google ScholarDigital Library
- Cesar Ghali, Gene Tsudik, and Christopher A. Wood. 2017. When encryption is not enough: Privacy attacks in content-centric networking. In ACM Conference on Information-Centric Networking (ICN’17). ACM, 1--10.Google Scholar
- David Goergen, Thibault Cholez, Jérôme François, and Thomas Engel. 2012. Security monitoring for content-centric networking. In International Workshop on Data Privacy Management (DPM’12). Springer, 274--286.Google Scholar
- David Goergen, Thibault Cholez, Jérôme François, and Thomas Engel. 2013. A semantic firewall for content-centric networking. In International Symposium on Integrated Network Management (IM’13). IFIP/IEEE.Google Scholar
- Aaron D. Goldman, A. Selcuk Uluagac, and John A. Copeland. 2014. Cryptographically-curated file system (CCFS): Secure, inter-operable, and easily implementable information-centric networking. In Conference on Local Computer Networks (LCN’14). IEEE, 142--149.Google Scholar
- Pedro Henrique Guimaraes, Lyno Henrique Ferraz, João Vitor Torres, Diogo Mattos, Andres Murillo, Martin Andreoni, Igor Alvarenga, Claudia Rodrigues, and Otto Carlos Duarte. 2013. Experimenting content-centric networks in the future internet testbed environment. In Workshop on Cloud Convergence: Challenges for Future Infrastructures and Services (WCC’13). IEEE, 1403--1407.Google ScholarCross Ref
- Balkis Hamdane and Sihem Guemara El Fatmi. 2015. A credential and encryption based access control solution for named data networking. In International Symposium on Integrated Network Management (IM’15). IEEE, 1234--1237.Google ScholarCross Ref
- Balkis Hamdane, Sihem Guemara El Fatmi, and Ahmed Serhrouchni. 2014. A novel name-based security mechanism for information-centric networking. In Wireless Communications and Networking Conference (WCNC’14). IEEE, 1--5.Google ScholarCross Ref
- Balkis Hamdane, Mounira Msahli, Ahmed Serhrouchni, and Sihem Guemara El Fatmi. 2013. Data-based access control in named data networking. In IEEE International Conference on Collaborative Computing. IEEE, 531--536.Google ScholarCross Ref
- Balkis Hamdane, Ahmed Serhrouchni, Ahmad Fadlallah, and Sihem El Fatmi. 2012. Named-data security scheme for named data networking. In International Conference on the Network of the Future (NOF’12). IEEE, 1--6.Google ScholarCross Ref
- Do Hyung Kim, SunWook Nam, Jun Bi, and Ikjun Yeom. 2015. Efficient content verification in named data networking. In ACM Conference on Information-centric Networking (ICN’15). ACM, 109--116.Google ScholarDigital Library
- Mihaela Ion, Jianqing Zhang, and Eve Schooler. 2013. Toward content-centric privacy in ICN: Attribute-based encryption and routing. In ACM SIGCOMM Workshop on ICN (ICN’13). ACM, 39--40.Google Scholar
- Van Jacobson, Diana K. Smetters, James D. Thornton, Michael Plass, Nick Briggs, and Rebecca Braynard. 2012. Networking named content. Communications of the ACM 55, 1 (2012), 117--124.Google ScholarDigital Library
- Van Jacobson, Diana K. Smetters, James D. Thornton, Michael F. Plass, Nicholas H. Briggs, and Rebecca L. Braynard. 2009. Networking named content. In International Conference on Emerging Networking Experiments and Technologies (CoNEXT’09). ACM, 1--12.Google Scholar
- Jongmin Jeong, Ted “Taekyoung” Kwon, and Yanghee Choi. 2010. Host-oblivious security for content-based networks. In International Conference on Future Internet Technologies (CFI’10). ACM, 35--40.Google Scholar
- Amin Karami. 2013. Data clustering for anomaly detection in content-centric networks. International Journal of Computer Applications 81, 7 (2013), 1--8.Google ScholarCross Ref
- Amin Karami and Manel Guerrer-Zapata. 2015. An ANFIS-based cache replacement method for mitigating cache pollution attacks in named data networking. Computer Networks 80 (2015), 51--65. Google ScholarDigital Library
- Amin Karami and Manel Guerrero-Zapata. 2015. A fuzzy anomaly detection system based on hybrid PSO-kmeans algorithm in content-centric networks. Neurocomputing 149 (2015), 1253--1269.Google ScholarCross Ref
- Amin Karami and Manel Guerrero-Zapata. 2015. A hybrid multiobjective RBF-PSO method for mitigating DoS attacks in named data networking. Neurocomputing 151, Part 3 (2015), 1262--1282.Google ScholarCross Ref
- Fawad Khan, Sarmad Ullah Khan, Muhammad Roman, and Usman Abbasi. 2014. Location identity based content security scheme for content centric networking. In International Conference on Security of Information and Networks (SIN’14). ACM, 1--6.Google ScholarDigital Library
- Sarmad Ullah Khan, Thibault Cholez, Thomas Engel, and Luciano Lavagno. 2013. A key management scheme for content centric networking. In International Symposium on Integrated Network Management (IM’13). IFIP/IEEE, 828--831.Google Scholar
- Teemu Koponen, Mohit Chawla, Byung-Gon Chun, Andrey Ermolinskiy, Kye Hyun Kim, Scott Shenker, and Ion Stoica. 2007. A data-0riented (and beyond) network architecture. SIGCOMM Computer Communications Review 37, 4 (2007), 181--192. Google ScholarDigital Library
- Jun Kurihara, C. Wood, and Ersin Uzun. 2015. An encryption-based access control framework for content-centric networking. In IFIP Networking. IEEE, 1--9.Google Scholar
- Dirk Kutscher, Suyong Eum, Kostas Pentikousis, Ioannis Psaras, Daniel Corujo, Damien Saucez, Thomas Schmidt, and Matthias Wählisch. 2016. Information-Centric Networking (ICN) Research Challenges. RFC 7927.Google Scholar
- Tobias Lauinger. 2010. Security and Scalability of Content-Centric Networking. Master’s thesis. Eurecom, Sophia-Antipolis, France and Technische Universität Darmstadt, Germany.Google Scholar
- Tobias Lauinger, Nikolaos Laoutaris, Pablo Rodriguez, Thorsten Strufe, Ernst Biersack, and Engin Kirda. 2012. Privacy risks in named data networking: What is the cost of performance? SIGCOMM Computer Communications Review 42, 5 (2012), 54--57.Google ScholarDigital Library
- Tobias Lauinger, Thorsten Strufe, Nikolaos Laoutaris, Ernst Biersack, Pablo Rodriguez, and Engin Kirda. 2011. Privacy Implications of Ubiquitous Caching in Named Data Networking Architectures. Technical Report. Technische Universität Darmstadt. TR-iSecLab-0812-001.Google Scholar
- Vince Lehman, AKM Mahmudul Hoque, Yingdi Yu, Lan Wang, Beichuan Zhang, and Lixia Zhang. 2016. A Secure Link State Routing Protocol for NDN. Technical Report NDN-0037. NDN. Retrieved from http://named-data.net/techreports.html.Google Scholar
- Bing Li, Ashwin Prabhu Verleker, Dijiang Huang, Zhijie Wang, and Yan Zhu. 2014. Attribute-based access control for ICN naming scheme. In IEEE Conference on Communications and Network Security (CNS’14). IEEE, 391--399.Google ScholarCross Ref
- Bing Li, Zhijie Wang, Dijiang Huang, and Yan Zhu. 2014. Toward Privacy-preserving Content Access Control for Information Centric Networking. Technical Report. Arizona State University.Google Scholar
- Qi Li, Ravi Sandhu, Xinwen Zhang, and Mingwei Xu. 2015. Mandatory content access control for privacy protection in information centric networks. IEEE Transactions on Dependable and Secure Computing PP, 99 (2015), 1--13.Google Scholar
- Qi Li, Xinwen Zhang, Qingji Zheng, Ravi Sandhu, and Xiaoming Fu. 2014. LIVE: Lightweight integrity verification and content access control for named data networking. IEEE Transactions on Information Forensics and Security 10, 2 (2014), 308--320.Google ScholarDigital Library
- Jonathan Loo and Mahdi Aiash. 2015. Challenges and solutions for secure information-centric networks: A case study of the netinf architecture. Journal of Network and Computer Applications 50 (2015), 64--72. Google ScholarDigital Library
- You Lu, Zhiyang Wang, Yu-Ting Yu, Ruolin Fan, and Mario Gerla. 2013. Social network based security scheme in mobile information-centric network. In Mediterranean Ad Hoc Networking Workshop (Med-Hoc-Net’13). IEEE, 1--7.Google ScholarCross Ref
- Priya Mahadevan, Ersin Uzun, Spencer Sevilla, and J. J. Garcia-Luna-Aceves. 2014. CCN-KRS: A key resolution service for CCN. In ACM Conference on Information-centric Networking (ICN’14). ACM, 97--106.Google Scholar
- Michele Mangili, Fabio Martignon, and Stefano Paraboschi. 2015. A cache-aware mechanism to enforce confidentiality, trackability and access policy evolution in content-centric networks. Computer Networks 76 (2015), 126--145. Google ScholarDigital Library
- Elisa Mannes, Carlos Maziero, Luiz Carlos Lassance, and Fàbio Borges. 2015. Optimized access control over encrypted content in information-centric networks. In IEEE Symposium on Computers and Communications (ISCC’15). IEEE, 924--929.Google ScholarDigital Library
- Elisa Mannes, Carlos Maziero, Luiz Carlos Lassance, and Fabio Borges. 2016. Assessing the impact of cryptographic access control solutions on multimedia delivery in information-centric networks. In Network Operations and Management Symposium (NOMS’16). IEEE, 427--435.Google ScholarDigital Library
- Emmanuel A. Massawe, Suguo Du, and Haojin Zhu. 2013. A scalable and privacy-preserving named data networking architecture based on bloom filters. In International Conference on Distributed Computing Systems Workshops (ICDCSW’13). IEEE, 22--26.Google ScholarDigital Library
- Spyridon Mastorakis, Alexander Afanasyev, Ilya Moiseenko, and Lixia Zhang. 2015. ndnSIM 2.0: A New Version of the NDN Simulator for NS-3. Technical Report NDN-0028. NDN.Google Scholar
- Friedemann Mattern and Christian Floerkemeier. 2010. From the internet of computers to the internet of things. In From Active Data Management to Event-based Systems and More. Springer, Heildelberg, Germany, 242--259. Google ScholarDigital Library
- Giulia Mauri and Giacomo Verticale. 2013. Distributing key revocation status in named data networking. In Advances in Communication Networking. Lecture Notes in Computer Science, Vol. 8115. Springer, Chemnitz, Germany, 310--313.Google Scholar
- Giulia Mauri and Giacomo Verticale. 2014. On the tradeoff between performance and user privacy in information centric networking. In Conference on New Technologies, Mobility and Security (NTMS’14). IEEE, 1--5.Google ScholarCross Ref
- Satyajayant Misra, Reza Tourani, and Nahid Ebrahimi Majd. 2013. Secure content delivery in information-centric networks: Design, implementation, and analyses. In ACM SIGCOMM Workshop on ICN (ICN’13). ACM, 73--78.Google ScholarDigital Library
- Aziz Mohaisen, Hesham Mekky, Xinwen Zhang, Haiyong Xie, and Yongdae Kim. 2014. Timing attacks on access privacy in information centric networks and countermeasures. IEEE Transactions on Dependable and Secure Computing 12, 6 (2014), 675--687.Google ScholarDigital Library
- Abedelaziz Mohaisen, Xinwen Zhang, Max Schuchard, Haiyong Xie, and Yongdae Kim. 2012. Protecting access privacy of cached contents in information centric networks. In ACM Conference on Computer and Communications Security (CCS’12). ACM, 1001--1003.Google ScholarDigital Library
- NDN Project. 2017. Named Data Networking Project Specifications, v 0.3. Technical Report. Named Data Networking Project. Retrieved from https://named-data.net/project/specifications.Google Scholar
- Tan Nguyen, Remi Cogranne, and Guillaume Doyen. 2015. An optimal statistical test for a robust detection of interest flooding attacks in CCN. In IEEE/IFIP International Symposium on Integrated Network Management. IEEE, 1--9.Google ScholarCross Ref
- Tan Nguyen, Remi Cogranne, Guillaume Doyen, and Florent Retraint. 2015. Detection of interest flooding attacks in named data networking using hypothesis testing. In IEEE Workshop on Information Forensics and Security (WIFS’15). IEEE, 1--6.Google ScholarCross Ref
- Boubakr Nour, Kashif Sharif, Fan Li, Hassine Moungla, and Yang Liu. 2017. M2HAV: A standardized ICN naming scheme for wireless devices in internet of things. In 12th International Conference on Wireless Algorithms, Systems, and Applications (WASA’17). Springer, 289--301.Google ScholarCross Ref
- Nonhlanhla Ntuli and Sunyoung Han. 2012. Detecting router cache snooping in named data networking. In International Conference on ICT Convergence (ICTC’12). IEEE, 714--718.Google ScholarCross Ref
- John P. Papanis, Stavros I. Papapanagiotou, Aziz S. Mousas, Georgios V. Lioudakis, Dimitra I. Kaklamani, and Iakovos S. Venieris. 2013. On the use of attribute-based encryption for multimedia content pprotection over information-centric networks. Transactions on Emerging Telecommunications Technologies 25, 4 (2013), 422--435. Google ScholarDigital Library
- Diego Perino and Matteo Varvello. 2011. A reality check for content centric networking. In ACM SIGCOMM Workshop on ICN (ICN’11). ACM, 44--49.Google ScholarDigital Library
- Daniel Posch, Hermann Hellwagner, and Peter Schartner. 2013. On-demand video streaming based on dynamic adaptive encrypted content chunks. In IEEE International Conference on Network Protocols (ICNP’13). IEEE, 1--6.Google ScholarCross Ref
- Eric Renault, Abid Ahmad, and Mohamed Abid. 2009. Toward a security model for the future network of information. In International Conference on Ubiquitous Information Technologies Applications (ICUT’09). IEEE, 1--6.Google ScholarCross Ref
- Daniel Rezende, Carlos Maziero, and Elisa Mannes. 2018. A distributed online certificate status protocol for named data networks. In ACM Symposium on Applied Computing (SAC’18). ACM, 2102--2108.Google ScholarDigital Library
- Igor Ribeiro, Antonio Rocha, Celio Albuquerque, and Flavio Guimarães. 2014. On the possibility of mitigating content pollution in content-centric networking. In Conference on Local Computer Networks (LCN’14). IEEE, 498--501.Google ScholarCross Ref
- Lorenzo Saino, Ioannis Psaras, and George Pavlou. 2014. Icarus: A caching simulator for information centric networking (ICN). In International Conference on Simulation Tools and Techniques (SIMUTOOLS). EAI, 1--10.Google ScholarDigital Library
- Sandvine. 2014. Sandvine global Internet Phenomena Report: 1H 2014. Retrieved from https://www.sandvine.com/downloads/general/global-internet-phenomena/2014/1h-2014-global-internet-phenomena-report.pdf.Google Scholar
- Bruce Schneier. 2012. Liars and Outliers: Enabling the Trust that Society Needs to Thrive (1st ed.). Wiley, New York NY.Google Scholar
- Seog Chung Seo, Taehong Kim, and MyeongWuk Jang. 2014. A privacy-preserving approach in content centric networks. In Consumer Communications and Networking Conference (CCNC’14). IEEE, 866--871.Google Scholar
- Sapna Singh, Archana Puri, Shiksha Smreti Singh, Anurika Vaish, and S. Venkatesan. 2012. A trust based approach for secure access control in information centric network. International Journal of Information and Network Security (IJINS) 1, 2 (2012), 97--104.Google ScholarCross Ref
- Diana Smetters and Van Jacobson. 2009. Securing Network Content. Technical Report. PARC TR-2009-1.Google Scholar
- Xiaobin Tan, Zifei Zhou, C. Zou, Yukun Niu, and Xin Chen. 2014. Copyright protection in named data networking. In 6th International Conference on Wireless Communications and Signal Processing (WCSP’14). IEEE, 1--6.Google ScholarCross Ref
- Michele Tortelli, Dario Rossi, Gennaro Boggia, and Luigi Alfredo Grieco. 2014. Cross-comparison of ICN software tools. In ACM Conference on Information-centric Networking (ICN’14). ACM, 197--198.Google Scholar
- Reza Tourani, Satyajayant Misra, Joerg Kliewer, Scott Ortegel, and Travis Mick. 2015. Catch me if you can: A practical framework to evade censorship in information-centric networks. In ACM Conference on Information-Centric Networking (ICN’15). ACM, 167--176.Google ScholarDigital Library
- Reza Tourani, Satyajayant Misra, Travis Mick, and Gaurav Panwar. 2018. Security, privacy, and access control in information-centric networking: A survey. IEEE Communications Surveys Tutorials 20, 1 (2018), 566--600.Google ScholarCross Ref
- Gene Tsudik, Ersin Uzun, and Christopher A. Wood. 2014. AC3N: An API and service for anonymous communication in content-centric networking. In Consumer Communications and Networking Conference (CCNC’14). IEEE, 858--865.Google Scholar
- Bárbara Vieira and Erik Poll. 2013. A security protocol for information-centric networking in smart grids. In Smart Energy Grid Security Workshop (SEGS’13). ACM, 1--10.Google ScholarDigital Library
- Matteo Virgilio, Guido Marchetto, and Riccardo Sisto. 2013. PIT overload analysis in content centric networks. In ACM SIGCOMM Workshop on ICN (ICN’13). ACM, 67--72.Google ScholarDigital Library
- Matthias Wählisch, Thomas C. Schmidt, and Markus Vahlenkamp. 2013. Backscatter from the data plane -- Threats to stability and security in information-centric network infrastructure. Computer Networks 57, 16 (2013), 3192--3206. Google ScholarDigital Library
- Matthias Wählisch, Thomas C. Schmidt, and Markus Vahlenkamp. 2013. Lessons from the past: Why data-driven states harm future information-centric networking. In International Conference on Networking (IFIP Networking’13). IEEE, 1--9.Google Scholar
- Kai Wang, Jia Chen, Huachun Zhou, and Yajuan Qin. 2012. Content-centric networking: Effect of content caching on mitigating DoS attack. International Journal of Computer Science Issues 9, 6 (2012), 43--52.Google Scholar
- Kai Wang, Jia Chen, Huachun Zhou, Yajuan Qin, and Hongke Zhang. 2013. Modeling denial-of-service against pending interest table in named data networking. International Journal of Communication Systems 26 (2013), 1--14. Google ScholarDigital Library
- Kai Wang, Huachun Zhou, Yajuan Qin, Jia Chen, and Hongke Zhang. 2013. Decoupling malicious interests from pending interest table to mitigate interest flooding attacks. In IEEE International Workshop on Management of Emerging Networks and Services (Globecom). IEEE, 963--968.Google Scholar
- Yu Wang, Mingwei Xu, Zhen Feng, Qing Li, and Qi Li. 2014. Session-based access control in information-centric networks: Design and analyses. In IEEE International Performance Computing and Communication Conference (IPCCC’14). IEEE, Austin TX, USA, 1--8.Google ScholarCross Ref
- Walter Wong and Maurício Ferreira Magalhães. 2012. Security approaches for information-centric networking. In Applied Cryptography and Network Security. Springer, 76--98.Google Scholar
- Walter Wong and Pekka Nikander. 2010. Secure naming in information-centric networks. In Re-Architecting the Internet Workshop. ACM, 1--6. Google ScholarDigital Library
- Christopher Wood and Ersin Uzun. 2014. Flexible end-to-end content security in CCN. In Consumer Communications and Networking Conference (CCNC’14). IEEE, 1--8.Google ScholarCross Ref
- Mengjun Xie, Indra Widjaja, and Haining Wang. 2012. Enhancing cache robustness for content-centric networking. In International Conference on Computer Communications (INFOCOM’12). IEEE, 2426--2434.Google Scholar
- Zhiwei Xu, Bo Chen, Ninghan Wang, Yujun Zhang, and Zhongcheng Li. 2015. ELDA: Towards efficient and lightweight detection of cache pollution attacks in NDN. In Conference on Local Computer Networks (LCN’15). IEEE, 1--9. Google ScholarDigital Library
- Cheng Yi, Alexander Afanasyev, Ilya Moiseenko, Lan Wang, Beichuan Zhang, and Lixia Zhang. 2013. A case for stateful forwarding plane. Computer Communication 36, 7 (2013), 779--791. Google ScholarDigital Library
- Yingdi Yu, Alexander Afanasyev, David Clark, K. C. Claffy, Van Jacobson, and Lixia Zhang. 2015. Schematizing trust in named data networking. In ACM Conference on Information-Centric Networking (ICN’15). ACM, 177--186.Google ScholarDigital Library
- Yingdi Yu, Alexander Afanasyev, Jan Seedorf, Zhiyi Zhang, and Lixia Zhang. 2017. NDN DeLorean: An authentication system for data archives in named data networking. In ACM Conference on Information-Centric Networking (ICN’17). ACM, 11--21.Google ScholarDigital Library
- Guoqiang Zhang, Yang Li, and Tao Lin. 2013. Caching in information centric networking: A survey. Computer Networks 57, 16 (2013), 3128--3141. Google ScholarDigital Library
- Jianqing Zhang, Qinghua Li, and Eve Schooler. 2012. iHEMS: An information-centric approach to secure home energy management. In International Conference on Smart Grid Communications (SmartGridComm’12). IEEE, 217--222.Google ScholarCross Ref
- Lixia Zhang, Alexander Afanasyev, Jeffrey Burke, Van Jacobson, K. C. Claffy, Patrick Crowley, Christos Papadopoulos, Lan Wang, and Beichuan Zhang. 2014. Named data networking. ACM SIGCOMM Computer Communication Review 44, 3 (2014), 66--73.Google ScholarDigital Library
- Lixia Zhang, Deborah Estrin, Jeffrey Burke, Van Jacobson, James Thornton, Diana Smetters, Beichuan Zhang, Gene Tsudik, K. C. Claffy, Dmitri Krioukov, Dan Massey, Christos Papadopoulos, Tarek Abdelzaher, Lan Wang, Patrick Crowley, and Edmund Yeh. 2010. Named Data Networking (NDN) Project. Technical Report NDN-0001. NDN Project.Google Scholar
- Xinwen Zhang, Katharine Chang, Huijun Xiong, Yonggang Wen, Guangyu Shi, and Guoqiang Wang. 2011. Towards name-based trust and security for content-centric network. In International Conference on Network Protocols (ICNP’11). IEEE, 1--6.Google ScholarDigital Library
- Zhenkai Zhu, Jeff Burke, Lixia Zhang, Paolo Gasti, Yanbin Lu, and Van Jacobson. 2011. A new approach to securing audio conference tools. In Asian Internet Engineering Conference (AINTEC’11). ACM, 120--123.Google ScholarDigital Library
Index Terms
- Naming Content on the Network Layer: A Security Analysis of the Information-Centric Network Model
Recommendations
Denial of Service against the Domain Name System
Because many network services rely on the Domain Name System, denial-of-service attacks against it can be particularly damaging. This article analyzes such threats and reviews existing and proposed countermeasures for addressing them.
Countermeasures for timing-based side-channel attacks against shared, modern computing hardware
There are several vulnerabilities in computing systems hardware that can be exploited by attackers to carry out devastating microarchitectural timing-based side-channel attacks against these systems and as a result compromise the security of the users of ...
An attack scenario and mitigation mechanism for enterprise BYOD environments
The recent proliferation of the Internet of Things (IoT) technology poses major security and privacy concerns. Specifically, the use of personal IoT devices, such as tablets, smartphones, and even smartwatches, as part of the Bring Your Own Device (BYOD)...
Comments