survey

Naming Content on the Network Layer: A Security Analysis of the Information-Centric Network Model

Authors:
Elisa Mannes

Federal University of Paraná State, PR, Brazil

Federal University of Paraná State, PR, Brazil
View Profile

,
Carlos Maziero

Federal University of Paraná State, PR, Brazil

Federal University of Paraná State, PR, Brazil

0000-0003-2592-3664
View Profile

Authors Info & Claims

ACM Computing Surveys Volume 52 Issue 3Article No.: 44pp 1–28https://doi.org/10.1145/3311888

Published:18 June 2019Publication History

ACM Computing Surveys

Abstract

The Information-Centric Network (ICN) paradigm is a future Internet approach aiming to tackle the Internet architectural problems and inefficiencies, by swapping the main entity of the network architecture from hosts to content items. In ICN, content names play a central role: Each content gets a unique name at the network layer, and this name is used for routing the content over the network. This paradigm change potentially enables a future Internet with better performance, reliability, scalability, and suitability for wireless and mobile communication. It also provides new intrinsic means to deal with some popular attacks on the Internet architecture, such as denial of service. However, this new paradigm also represents new challenges related to security that need to be addressed, to ensure its capability to support current and future Internet requirements. This article surveys and summarizes ongoing research concerning security aspects of ICNs, discussing vulnerabilities, attacks, and proposed solutions to mitigate them. We also discuss open challenges and propose future directions regarding research in ICN security.

References

Eslam AbdAllah, Hossam Hassanein, and Mohammad Zulkernine. 2015. A survey of security attacks in information-centric networking. IEEE Communications Surveys Tutorials 17, 3 (2015), 1441--1454.Google ScholarDigital Library
Gergely Acs, Mauro Conti, Paolo Gasti, Cesar Ghali, and Gene Tsudik. 2013. Cache privacy in named-data networking. In International Conference on Distributed Computing Systems (ICDCS’13). IEEE, 41--51.Google ScholarDigital Library
Alexander Afanasyev, Priya Mahadevan, Ilya Moiseenko, Ersin Uzun, and Lixia Zhang. 2013. Interest flooding attack and countermeasures in named data networking. In International Conference on Networking (Networking’13). IFIP, 1--9.Google Scholar
Alexander Afanasyev, Cheng Yi, Lan Wang, Beichuan Zhang, and Lixia Zhang. 2015. SNAMP: Secure namespace mapping to scale NDN forwarding. In IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). IEEE, 281--286.Google ScholarCross Ref
Bengt Ahlgren, Christian Dannewitz, Claudio Imbrenda, Dirk Kutscher, and Börje Ohlman. 2012. A survey of information-centric networking. IEEE Communications Magazine 50, 7 (2012), 26--36.Google ScholarCross Ref
Samir Al-Sheikh, Matthias Wählisch, and Thomas C. Schmidt. 2015. Revisiting countermeasures against NDN interest flooding. In ACM Conference on Information-Centric Networking (ICN’15). ACM, 195--196.Google Scholar
Bander Alzahrani, Vassilios Vassilakis, and Martin Reed. 2013. Key management in information centric networking. International Journal of Computer Networks and Communications (IJCNC) 5 (2013), 153--166.Google ScholarCross Ref
Bander Alzahrani, Vassilios Vassilakis, and Martin Reed. 2013. Mitigating brute-force attacks on Bloom-filter based forwarding. In Conference on Future Internet Communications (CFIC’13). IEEE, 1--7.Google ScholarCross Ref
Bander Alzahrani, Vassilios Vassilakis, and Martin Reed. 2013. Securing the forwarding plane in information centric networks. In Computer Science and Electronic Engineering Conference (CEEC’13). IEEE, 174--178.Google ScholarCross Ref
Somaya Arianfar, Teemu Koponen, Barath Raghavan, and Scott Shenker. 2011. On preserving privacy in content-oriented networks. In ACM SIGCOMM Workshop on ICN (ICN’11). ACM, 19--24.Google ScholarDigital Library
Giuseppe Ateniese, Kevin Fu, Matthew Green, and Susan Hohenberger. 2006. Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Transactions on Information System Security 9, 1 (2006), 1--30.Google ScholarDigital Library
Mohammed Bari, Shihabur Chowdhury, Reaz Ahmed, Raouf Boutaba, and Bertrand Mathieu. 2012. A survey of naming and routing in information-centric networks. IEEE Communications Magazine 50, 12 (2012), 44--53.Google ScholarCross Ref
Mark Baugher, Bruce Davie, Ashok Narayanan, and David Oran. 2012. Self-verifying names for read-only named data. In Conference on Computer Communications Workshops (INFOCOM). IEEE, 274--279.Google ScholarCross Ref
Flavio Bonomi, Michael Mitzenmacher, Rina Panigrahy, Sushil Singh, and George Varghese. 2006. An improved construction for counting bloom filters. In Annual European Symposium on Algorithms (ESA’06). Springer, Zurich, Switzerland, 684--695.Google ScholarDigital Library
Jeff Burke, Paolo Gasti, Naveen Nathan, and Gene Tsudik. 2014. Secure sensing over named data networking. In International Symposium on Network Computing and Applications (NCA’14). IEEE, 175--180.Google ScholarDigital Library
Abdelberi Chaabane, Mohamed Ali De Cristofaro, Emiliano andiaafar, and Ersin Uzun. 2013. Privacy in content-oriented networking: Threats and Countermeasures. SIGCOMM Computer Communications Review 43, 3 (2013), 25--33. Google ScholarDigital Library
Tao Chen, Kai Lei, and Kuai Xu. 2014. An encryption and probability based access control model for named data networking. In IEEE International Performance Computing and Communication Conference (IPCCC’14). IEEE, 1--8.Google ScholarCross Ref
Seungoh Choi, Kwangsoo Kim, Seongmin Kim, and Byeong hee Roh. 2013. Threat of DoS by interest flooding attack in content-centric networking. In International Conference on Information Networking (ICOIN’13). IEEE, 315--319.Google Scholar
Dwaine Clarke, Jean-Emile Elien, Carl Ellison, Matt Fredette, Alexander Morcos, and Ronald Rivest. 2001. Certificate chain discovery in SPKI/SDSI. Journal of Computer Security 9, 4 (2001), 285--322. Google ScholarCross Ref
Alberto Compagno, Mauro Conti, Paolo Gasti, Luigi Vicenzo Mancini, and Gene Tsudik. 2015. Violating consumer anonymity: Geo-locating nodes in named data networking. In International Conference on Applied Cryptography and Network Security (ACNS’15). Springer.Google ScholarCross Ref
Alberto Compagno, Mauro Conti, Paolo Gasti, and Gene Tsudik. 2013. Poseidon: Mitigating interest flooding DDoS attacks in named data networking. In Conference on Local Computer Networks (LCN’13). IEEE, 1--9.Google ScholarCross Ref
Mauro Conti, Paolo Gasti, and Marco Teoli. 2013. A lightweight mechanism for detection of cache pollution attacks in named data networking. Computer Networks 57, 16 (2013), 3178--3191. Google ScholarDigital Library
Huichen Dai, Yi Wang, Jindou Fan, and Bin Liu. 2013. Mitigate DDoS attacks in NDN by interest traceback. In IEEE International Workshop on Emerging Design Choices in Name-Oriented Networking (NOMEN’13). IEEE, 381--386.Google ScholarCross Ref
Christian Dannewitz, Jovan Golić, Börje Ohlman, and Bengt Ahlgren. 2010. Secure naming for a network of information. In IEEE Conference on Computer Communications Workshops (INFOCOM’10). IEEE, 1--6.Google ScholarCross Ref
Christian Dannewitz, Dirk Kutscher, Börje Ohlman, Stephen Farrell, Bengt Ahlgren, and Holger Karl. 2013. Network of information (NetInf) - An information-centric networking architecture. Comp. Communications 36, 7 (2013), 721--735. Google ScholarDigital Library
Steve DiBenedetto, Paolo Gasti, Gene Tsudik, and Ersin Uzun. 2012. ANDaNA: Anonymous named data networking application. In Network and Distributed System Security Symposium (NDSS’12). Internet Society.Google Scholar
Stephanie DiBenedetto and Christos Papadopoulos. 2016. Mitigating poisoned content with forwarding strategy. In Conference on Computer Communications Workshops. IEEE, 164--169.Google ScholarCross Ref
Onyekachi O. Elechi, Joseph S. Igwe, and Elias C. Eze. 2014. Denial of service in internet protocol network and information centric network: An impediment to network quality of service. Journal of Information Engineering and Applications 4 (2014), 14--24.Google Scholar
Stephen Farrell, Dirk Kutscher, Christian Dannewitz, Börje Ohlman, Ari Keränen, and Phillip Hallam-Baker. 2013. Naming Things with Hashes. RFC 6920.Google Scholar
Nikos Fotiou, Giannis F. Marias, and George C. Polyzos. 2010. Towards a secure rendezvous network for future publish/subscribe architectures. In Future Internet Symposium (FIS’10). Springer, Berlin, Germany, 49--56.Google Scholar
Nikos Fotiou, Giannis F. Marias, and George C. Polyzos. 2012. Access control enforcement delegation for information-centric networking architectures. In ACM SIGCOMM Workshop on ICN (ICN’12). ACM, 85--90.Google Scholar
Nikos Fotiou, Yannis Thomas, Vasilios A. Siris, and George C. Polyzos. 2014. Security requirements and solutions for integrated satellite-terrestrial information-centric networks. In Advanced Satellite Multimedia Systems Conference, Signal Processing for Space Communications Workshop (ASMS/SPSC). IEEE, 1--8.Google Scholar
Nikos Fotiou, Dirk Trossen, Giannis Marias, Alexandros Kostopoulos, and George Polyzos. 2013. Enhancing information lookup privacy through homomorphic encryption. Journal of Security and Communication Networks 7 (2013), 2804--2814.Google ScholarCross Ref
Paolo Gasti, Gene Tsudik, Ersin Uzun, and Lixia Zhang. 2012. DoS and DDoS in named-data networking. In International Conference on Computer Communications and Networks (ICCCN’13). IEEE, 1--7.Google Scholar
Cesar Ghali, Ashok Narayanan, David Oran, and Gene Tsudik. 2014. Secure Fragmentation for Content-Centric Networks. http://arxiv.org/abs/1405.2861.Google Scholar
Cesar Ghali, Marc A. Schlosberg, Gene Tsudik, and Christopher A. Wood. 2015. Interest-based access control for content centric networks. In ACM Conference on Information-Centric Networking (ICN’15). ACM, 147--158.Google Scholar
Cesar Ghali, Gene Tsudik, and Ersin Uzun. 2014. Elements of trust in named-data and content-centric networking. ACM SIGCOMM Computer Communication Review 44, 5 (2014), 1--10.Google ScholarDigital Library
Cesar Ghali, Gene Tsudik, and Ersin Uzun. 2014. Needle in a haystack: Mitigating content poisoning in named-data networking. In Workshop on Security of Emerging Networking Technologies (SENT’14). Internet Society, 1--10.Google ScholarCross Ref
Cesar Ghali, Gene Tsudik, and Ersin Uzun. 2014. Network-layer trust in named-data networking. SIGCOMM Computer Communications Review 44, 5 (2014), 12--19. Google ScholarDigital Library
Cesar Ghali, Gene Tsudik, Ersin Uzun, and Christopher A. Wood. 2015. Living in a PIT-less world: A case against stateful forwarding in content-centric networking. ArXiv 1512, 07755 (2015), 1--10. http://arxiv.org/abs/1512.07755.Google Scholar
Cesar Ghali, Gene Tsudik, and Christopher Wood. 2016. Network names in content-centric networking. In 3rd ACM Conference on Information-Centric Networking (ACM-ICN’16). ACM, 132--141.Google ScholarDigital Library
Cesar Ghali, Gene Tsudik, and Christopher A. Wood. 2017. When encryption is not enough: Privacy attacks in content-centric networking. In ACM Conference on Information-Centric Networking (ICN’17). ACM, 1--10.Google Scholar
David Goergen, Thibault Cholez, Jérôme François, and Thomas Engel. 2012. Security monitoring for content-centric networking. In International Workshop on Data Privacy Management (DPM’12). Springer, 274--286.Google Scholar
David Goergen, Thibault Cholez, Jérôme François, and Thomas Engel. 2013. A semantic firewall for content-centric networking. In International Symposium on Integrated Network Management (IM’13). IFIP/IEEE.Google Scholar
Aaron D. Goldman, A. Selcuk Uluagac, and John A. Copeland. 2014. Cryptographically-curated file system (CCFS): Secure, inter-operable, and easily implementable information-centric networking. In Conference on Local Computer Networks (LCN’14). IEEE, 142--149.Google Scholar
Pedro Henrique Guimaraes, Lyno Henrique Ferraz, João Vitor Torres, Diogo Mattos, Andres Murillo, Martin Andreoni, Igor Alvarenga, Claudia Rodrigues, and Otto Carlos Duarte. 2013. Experimenting content-centric networks in the future internet testbed environment. In Workshop on Cloud Convergence: Challenges for Future Infrastructures and Services (WCC’13). IEEE, 1403--1407.Google ScholarCross Ref
Balkis Hamdane and Sihem Guemara El Fatmi. 2015. A credential and encryption based access control solution for named data networking. In International Symposium on Integrated Network Management (IM’15). IEEE, 1234--1237.Google ScholarCross Ref
Balkis Hamdane, Sihem Guemara El Fatmi, and Ahmed Serhrouchni. 2014. A novel name-based security mechanism for information-centric networking. In Wireless Communications and Networking Conference (WCNC’14). IEEE, 1--5.Google ScholarCross Ref
Balkis Hamdane, Mounira Msahli, Ahmed Serhrouchni, and Sihem Guemara El Fatmi. 2013. Data-based access control in named data networking. In IEEE International Conference on Collaborative Computing. IEEE, 531--536.Google ScholarCross Ref
Balkis Hamdane, Ahmed Serhrouchni, Ahmad Fadlallah, and Sihem El Fatmi. 2012. Named-data security scheme for named data networking. In International Conference on the Network of the Future (NOF’12). IEEE, 1--6.Google ScholarCross Ref
Do Hyung Kim, SunWook Nam, Jun Bi, and Ikjun Yeom. 2015. Efficient content verification in named data networking. In ACM Conference on Information-centric Networking (ICN’15). ACM, 109--116.Google ScholarDigital Library
Mihaela Ion, Jianqing Zhang, and Eve Schooler. 2013. Toward content-centric privacy in ICN: Attribute-based encryption and routing. In ACM SIGCOMM Workshop on ICN (ICN’13). ACM, 39--40.Google Scholar
Van Jacobson, Diana K. Smetters, James D. Thornton, Michael Plass, Nick Briggs, and Rebecca Braynard. 2012. Networking named content. Communications of the ACM 55, 1 (2012), 117--124.Google ScholarDigital Library
Van Jacobson, Diana K. Smetters, James D. Thornton, Michael F. Plass, Nicholas H. Briggs, and Rebecca L. Braynard. 2009. Networking named content. In International Conference on Emerging Networking Experiments and Technologies (CoNEXT’09). ACM, 1--12.Google Scholar
Jongmin Jeong, Ted “Taekyoung” Kwon, and Yanghee Choi. 2010. Host-oblivious security for content-based networks. In International Conference on Future Internet Technologies (CFI’10). ACM, 35--40.Google Scholar
Amin Karami. 2013. Data clustering for anomaly detection in content-centric networks. International Journal of Computer Applications 81, 7 (2013), 1--8.Google ScholarCross Ref
Amin Karami and Manel Guerrer-Zapata. 2015. An ANFIS-based cache replacement method for mitigating cache pollution attacks in named data networking. Computer Networks 80 (2015), 51--65. Google ScholarDigital Library
Amin Karami and Manel Guerrero-Zapata. 2015. A fuzzy anomaly detection system based on hybrid PSO-kmeans algorithm in content-centric networks. Neurocomputing 149 (2015), 1253--1269.Google ScholarCross Ref
Amin Karami and Manel Guerrero-Zapata. 2015. A hybrid multiobjective RBF-PSO method for mitigating DoS attacks in named data networking. Neurocomputing 151, Part 3 (2015), 1262--1282.Google ScholarCross Ref
Fawad Khan, Sarmad Ullah Khan, Muhammad Roman, and Usman Abbasi. 2014. Location identity based content security scheme for content centric networking. In International Conference on Security of Information and Networks (SIN’14). ACM, 1--6.Google ScholarDigital Library
Sarmad Ullah Khan, Thibault Cholez, Thomas Engel, and Luciano Lavagno. 2013. A key management scheme for content centric networking. In International Symposium on Integrated Network Management (IM’13). IFIP/IEEE, 828--831.Google Scholar
Teemu Koponen, Mohit Chawla, Byung-Gon Chun, Andrey Ermolinskiy, Kye Hyun Kim, Scott Shenker, and Ion Stoica. 2007. A data-0riented (and beyond) network architecture. SIGCOMM Computer Communications Review 37, 4 (2007), 181--192. Google ScholarDigital Library
Jun Kurihara, C. Wood, and Ersin Uzun. 2015. An encryption-based access control framework for content-centric networking. In IFIP Networking. IEEE, 1--9.Google Scholar
Dirk Kutscher, Suyong Eum, Kostas Pentikousis, Ioannis Psaras, Daniel Corujo, Damien Saucez, Thomas Schmidt, and Matthias Wählisch. 2016. Information-Centric Networking (ICN) Research Challenges. RFC 7927.Google Scholar
Tobias Lauinger. 2010. Security and Scalability of Content-Centric Networking. Master’s thesis. Eurecom, Sophia-Antipolis, France and Technische Universität Darmstadt, Germany.Google Scholar
Tobias Lauinger, Nikolaos Laoutaris, Pablo Rodriguez, Thorsten Strufe, Ernst Biersack, and Engin Kirda. 2012. Privacy risks in named data networking: What is the cost of performance? SIGCOMM Computer Communications Review 42, 5 (2012), 54--57.Google ScholarDigital Library
Tobias Lauinger, Thorsten Strufe, Nikolaos Laoutaris, Ernst Biersack, Pablo Rodriguez, and Engin Kirda. 2011. Privacy Implications of Ubiquitous Caching in Named Data Networking Architectures. Technical Report. Technische Universität Darmstadt. TR-iSecLab-0812-001.Google Scholar
Vince Lehman, AKM Mahmudul Hoque, Yingdi Yu, Lan Wang, Beichuan Zhang, and Lixia Zhang. 2016. A Secure Link State Routing Protocol for NDN. Technical Report NDN-0037. NDN. Retrieved from http://named-data.net/techreports.html.Google Scholar
Bing Li, Ashwin Prabhu Verleker, Dijiang Huang, Zhijie Wang, and Yan Zhu. 2014. Attribute-based access control for ICN naming scheme. In IEEE Conference on Communications and Network Security (CNS’14). IEEE, 391--399.Google ScholarCross Ref
Bing Li, Zhijie Wang, Dijiang Huang, and Yan Zhu. 2014. Toward Privacy-preserving Content Access Control for Information Centric Networking. Technical Report. Arizona State University.Google Scholar
Qi Li, Ravi Sandhu, Xinwen Zhang, and Mingwei Xu. 2015. Mandatory content access control for privacy protection in information centric networks. IEEE Transactions on Dependable and Secure Computing PP, 99 (2015), 1--13.Google Scholar
Qi Li, Xinwen Zhang, Qingji Zheng, Ravi Sandhu, and Xiaoming Fu. 2014. LIVE: Lightweight integrity verification and content access control for named data networking. IEEE Transactions on Information Forensics and Security 10, 2 (2014), 308--320.Google ScholarDigital Library
Jonathan Loo and Mahdi Aiash. 2015. Challenges and solutions for secure information-centric networks: A case study of the netinf architecture. Journal of Network and Computer Applications 50 (2015), 64--72. Google ScholarDigital Library
You Lu, Zhiyang Wang, Yu-Ting Yu, Ruolin Fan, and Mario Gerla. 2013. Social network based security scheme in mobile information-centric network. In Mediterranean Ad Hoc Networking Workshop (Med-Hoc-Net’13). IEEE, 1--7.Google ScholarCross Ref
Priya Mahadevan, Ersin Uzun, Spencer Sevilla, and J. J. Garcia-Luna-Aceves. 2014. CCN-KRS: A key resolution service for CCN. In ACM Conference on Information-centric Networking (ICN’14). ACM, 97--106.Google Scholar
Michele Mangili, Fabio Martignon, and Stefano Paraboschi. 2015. A cache-aware mechanism to enforce confidentiality, trackability and access policy evolution in content-centric networks. Computer Networks 76 (2015), 126--145. Google ScholarDigital Library
Elisa Mannes, Carlos Maziero, Luiz Carlos Lassance, and Fàbio Borges. 2015. Optimized access control over encrypted content in information-centric networks. In IEEE Symposium on Computers and Communications (ISCC’15). IEEE, 924--929.Google ScholarDigital Library
Elisa Mannes, Carlos Maziero, Luiz Carlos Lassance, and Fabio Borges. 2016. Assessing the impact of cryptographic access control solutions on multimedia delivery in information-centric networks. In Network Operations and Management Symposium (NOMS’16). IEEE, 427--435.Google ScholarDigital Library
Emmanuel A. Massawe, Suguo Du, and Haojin Zhu. 2013. A scalable and privacy-preserving named data networking architecture based on bloom filters. In International Conference on Distributed Computing Systems Workshops (ICDCSW’13). IEEE, 22--26.Google ScholarDigital Library
Spyridon Mastorakis, Alexander Afanasyev, Ilya Moiseenko, and Lixia Zhang. 2015. ndnSIM 2.0: A New Version of the NDN Simulator for NS-3. Technical Report NDN-0028. NDN.Google Scholar
Friedemann Mattern and Christian Floerkemeier. 2010. From the internet of computers to the internet of things. In From Active Data Management to Event-based Systems and More. Springer, Heildelberg, Germany, 242--259. Google ScholarDigital Library
Giulia Mauri and Giacomo Verticale. 2013. Distributing key revocation status in named data networking. In Advances in Communication Networking. Lecture Notes in Computer Science, Vol. 8115. Springer, Chemnitz, Germany, 310--313.Google Scholar
Giulia Mauri and Giacomo Verticale. 2014. On the tradeoff between performance and user privacy in information centric networking. In Conference on New Technologies, Mobility and Security (NTMS’14). IEEE, 1--5.Google ScholarCross Ref
Satyajayant Misra, Reza Tourani, and Nahid Ebrahimi Majd. 2013. Secure content delivery in information-centric networks: Design, implementation, and analyses. In ACM SIGCOMM Workshop on ICN (ICN’13). ACM, 73--78.Google ScholarDigital Library
Aziz Mohaisen, Hesham Mekky, Xinwen Zhang, Haiyong Xie, and Yongdae Kim. 2014. Timing attacks on access privacy in information centric networks and countermeasures. IEEE Transactions on Dependable and Secure Computing 12, 6 (2014), 675--687.Google ScholarDigital Library
Abedelaziz Mohaisen, Xinwen Zhang, Max Schuchard, Haiyong Xie, and Yongdae Kim. 2012. Protecting access privacy of cached contents in information centric networks. In ACM Conference on Computer and Communications Security (CCS’12). ACM, 1001--1003.Google ScholarDigital Library
NDN Project. 2017. Named Data Networking Project Specifications, v 0.3. Technical Report. Named Data Networking Project. Retrieved from https://named-data.net/project/specifications.Google Scholar
Tan Nguyen, Remi Cogranne, and Guillaume Doyen. 2015. An optimal statistical test for a robust detection of interest flooding attacks in CCN. In IEEE/IFIP International Symposium on Integrated Network Management. IEEE, 1--9.Google ScholarCross Ref
Tan Nguyen, Remi Cogranne, Guillaume Doyen, and Florent Retraint. 2015. Detection of interest flooding attacks in named data networking using hypothesis testing. In IEEE Workshop on Information Forensics and Security (WIFS’15). IEEE, 1--6.Google ScholarCross Ref
Boubakr Nour, Kashif Sharif, Fan Li, Hassine Moungla, and Yang Liu. 2017. M2HAV: A standardized ICN naming scheme for wireless devices in internet of things. In 12th International Conference on Wireless Algorithms, Systems, and Applications (WASA’17). Springer, 289--301.Google ScholarCross Ref
Nonhlanhla Ntuli and Sunyoung Han. 2012. Detecting router cache snooping in named data networking. In International Conference on ICT Convergence (ICTC’12). IEEE, 714--718.Google ScholarCross Ref
John P. Papanis, Stavros I. Papapanagiotou, Aziz S. Mousas, Georgios V. Lioudakis, Dimitra I. Kaklamani, and Iakovos S. Venieris. 2013. On the use of attribute-based encryption for multimedia content pprotection over information-centric networks. Transactions on Emerging Telecommunications Technologies 25, 4 (2013), 422--435. Google ScholarDigital Library
Diego Perino and Matteo Varvello. 2011. A reality check for content centric networking. In ACM SIGCOMM Workshop on ICN (ICN’11). ACM, 44--49.Google ScholarDigital Library
Daniel Posch, Hermann Hellwagner, and Peter Schartner. 2013. On-demand video streaming based on dynamic adaptive encrypted content chunks. In IEEE International Conference on Network Protocols (ICNP’13). IEEE, 1--6.Google ScholarCross Ref
Eric Renault, Abid Ahmad, and Mohamed Abid. 2009. Toward a security model for the future network of information. In International Conference on Ubiquitous Information Technologies Applications (ICUT’09). IEEE, 1--6.Google ScholarCross Ref
Daniel Rezende, Carlos Maziero, and Elisa Mannes. 2018. A distributed online certificate status protocol for named data networks. In ACM Symposium on Applied Computing (SAC’18). ACM, 2102--2108.Google ScholarDigital Library
Igor Ribeiro, Antonio Rocha, Celio Albuquerque, and Flavio Guimarães. 2014. On the possibility of mitigating content pollution in content-centric networking. In Conference on Local Computer Networks (LCN’14). IEEE, 498--501.Google ScholarCross Ref
Lorenzo Saino, Ioannis Psaras, and George Pavlou. 2014. Icarus: A caching simulator for information centric networking (ICN). In International Conference on Simulation Tools and Techniques (SIMUTOOLS). EAI, 1--10.Google ScholarDigital Library
Sandvine. 2014. Sandvine global Internet Phenomena Report: 1H 2014. Retrieved from https://www.sandvine.com/downloads/general/global-internet-phenomena/2014/1h-2014-global-internet-phenomena-report.pdf.Google Scholar
Bruce Schneier. 2012. Liars and Outliers: Enabling the Trust that Society Needs to Thrive (1st ed.). Wiley, New York NY.Google Scholar
Seog Chung Seo, Taehong Kim, and MyeongWuk Jang. 2014. A privacy-preserving approach in content centric networks. In Consumer Communications and Networking Conference (CCNC’14). IEEE, 866--871.Google Scholar
Sapna Singh, Archana Puri, Shiksha Smreti Singh, Anurika Vaish, and S. Venkatesan. 2012. A trust based approach for secure access control in information centric network. International Journal of Information and Network Security (IJINS) 1, 2 (2012), 97--104.Google ScholarCross Ref
Diana Smetters and Van Jacobson. 2009. Securing Network Content. Technical Report. PARC TR-2009-1.Google Scholar
Xiaobin Tan, Zifei Zhou, C. Zou, Yukun Niu, and Xin Chen. 2014. Copyright protection in named data networking. In 6th International Conference on Wireless Communications and Signal Processing (WCSP’14). IEEE, 1--6.Google ScholarCross Ref
Michele Tortelli, Dario Rossi, Gennaro Boggia, and Luigi Alfredo Grieco. 2014. Cross-comparison of ICN software tools. In ACM Conference on Information-centric Networking (ICN’14). ACM, 197--198.Google Scholar
Reza Tourani, Satyajayant Misra, Joerg Kliewer, Scott Ortegel, and Travis Mick. 2015. Catch me if you can: A practical framework to evade censorship in information-centric networks. In ACM Conference on Information-Centric Networking (ICN’15). ACM, 167--176.Google ScholarDigital Library
Reza Tourani, Satyajayant Misra, Travis Mick, and Gaurav Panwar. 2018. Security, privacy, and access control in information-centric networking: A survey. IEEE Communications Surveys Tutorials 20, 1 (2018), 566--600.Google ScholarCross Ref
Gene Tsudik, Ersin Uzun, and Christopher A. Wood. 2014. AC3N: An API and service for anonymous communication in content-centric networking. In Consumer Communications and Networking Conference (CCNC’14). IEEE, 858--865.Google Scholar
Bárbara Vieira and Erik Poll. 2013. A security protocol for information-centric networking in smart grids. In Smart Energy Grid Security Workshop (SEGS’13). ACM, 1--10.Google ScholarDigital Library
Matteo Virgilio, Guido Marchetto, and Riccardo Sisto. 2013. PIT overload analysis in content centric networks. In ACM SIGCOMM Workshop on ICN (ICN’13). ACM, 67--72.Google ScholarDigital Library
Matthias Wählisch, Thomas C. Schmidt, and Markus Vahlenkamp. 2013. Backscatter from the data plane -- Threats to stability and security in information-centric network infrastructure. Computer Networks 57, 16 (2013), 3192--3206. Google ScholarDigital Library
Matthias Wählisch, Thomas C. Schmidt, and Markus Vahlenkamp. 2013. Lessons from the past: Why data-driven states harm future information-centric networking. In International Conference on Networking (IFIP Networking’13). IEEE, 1--9.Google Scholar
Kai Wang, Jia Chen, Huachun Zhou, and Yajuan Qin. 2012. Content-centric networking: Effect of content caching on mitigating DoS attack. International Journal of Computer Science Issues 9, 6 (2012), 43--52.Google Scholar
Kai Wang, Jia Chen, Huachun Zhou, Yajuan Qin, and Hongke Zhang. 2013. Modeling denial-of-service against pending interest table in named data networking. International Journal of Communication Systems 26 (2013), 1--14. Google ScholarDigital Library
Kai Wang, Huachun Zhou, Yajuan Qin, Jia Chen, and Hongke Zhang. 2013. Decoupling malicious interests from pending interest table to mitigate interest flooding attacks. In IEEE International Workshop on Management of Emerging Networks and Services (Globecom). IEEE, 963--968.Google Scholar
Yu Wang, Mingwei Xu, Zhen Feng, Qing Li, and Qi Li. 2014. Session-based access control in information-centric networks: Design and analyses. In IEEE International Performance Computing and Communication Conference (IPCCC’14). IEEE, Austin TX, USA, 1--8.Google ScholarCross Ref
Walter Wong and Maurício Ferreira Magalhães. 2012. Security approaches for information-centric networking. In Applied Cryptography and Network Security. Springer, 76--98.Google Scholar
Walter Wong and Pekka Nikander. 2010. Secure naming in information-centric networks. In Re-Architecting the Internet Workshop. ACM, 1--6. Google ScholarDigital Library
Christopher Wood and Ersin Uzun. 2014. Flexible end-to-end content security in CCN. In Consumer Communications and Networking Conference (CCNC’14). IEEE, 1--8.Google ScholarCross Ref
Mengjun Xie, Indra Widjaja, and Haining Wang. 2012. Enhancing cache robustness for content-centric networking. In International Conference on Computer Communications (INFOCOM’12). IEEE, 2426--2434.Google Scholar
Zhiwei Xu, Bo Chen, Ninghan Wang, Yujun Zhang, and Zhongcheng Li. 2015. ELDA: Towards efficient and lightweight detection of cache pollution attacks in NDN. In Conference on Local Computer Networks (LCN’15). IEEE, 1--9. Google ScholarDigital Library
Cheng Yi, Alexander Afanasyev, Ilya Moiseenko, Lan Wang, Beichuan Zhang, and Lixia Zhang. 2013. A case for stateful forwarding plane. Computer Communication 36, 7 (2013), 779--791. Google ScholarDigital Library
Yingdi Yu, Alexander Afanasyev, David Clark, K. C. Claffy, Van Jacobson, and Lixia Zhang. 2015. Schematizing trust in named data networking. In ACM Conference on Information-Centric Networking (ICN’15). ACM, 177--186.Google ScholarDigital Library
Yingdi Yu, Alexander Afanasyev, Jan Seedorf, Zhiyi Zhang, and Lixia Zhang. 2017. NDN DeLorean: An authentication system for data archives in named data networking. In ACM Conference on Information-Centric Networking (ICN’17). ACM, 11--21.Google ScholarDigital Library
Guoqiang Zhang, Yang Li, and Tao Lin. 2013. Caching in information centric networking: A survey. Computer Networks 57, 16 (2013), 3128--3141. Google ScholarDigital Library
Jianqing Zhang, Qinghua Li, and Eve Schooler. 2012. iHEMS: An information-centric approach to secure home energy management. In International Conference on Smart Grid Communications (SmartGridComm’12). IEEE, 217--222.Google ScholarCross Ref
Lixia Zhang, Alexander Afanasyev, Jeffrey Burke, Van Jacobson, K. C. Claffy, Patrick Crowley, Christos Papadopoulos, Lan Wang, and Beichuan Zhang. 2014. Named data networking. ACM SIGCOMM Computer Communication Review 44, 3 (2014), 66--73.Google ScholarDigital Library
Lixia Zhang, Deborah Estrin, Jeffrey Burke, Van Jacobson, James Thornton, Diana Smetters, Beichuan Zhang, Gene Tsudik, K. C. Claffy, Dmitri Krioukov, Dan Massey, Christos Papadopoulos, Tarek Abdelzaher, Lan Wang, Patrick Crowley, and Edmund Yeh. 2010. Named Data Networking (NDN) Project. Technical Report NDN-0001. NDN Project.Google Scholar
Xinwen Zhang, Katharine Chang, Huijun Xiong, Yonggang Wen, Guangyu Shi, and Guoqiang Wang. 2011. Towards name-based trust and security for content-centric network. In International Conference on Network Protocols (ICNP’11). IEEE, 1--6.Google ScholarDigital Library
Zhenkai Zhu, Jeff Burke, Lixia Zhang, Paolo Gasti, Yanbin Lu, and Van Jacobson. 2011. A new approach to securing audio conference tools. In Asian Internet Engineering Conference (AINTEC’11). ACM, 120--123.Google ScholarDigital Library

Index Terms

Naming Content on the Network Layer: A Security Analysis of the Information-Centric Network Model
1. Networks

Recommendations

Denial of Service against the Domain Name System

Because many network services rely on the Domain Name System, denial-of-service attacks against it can be particularly damaging. This article analyzes such threats and reviews existing and proposed countermeasures for addressing them.

Read More
Countermeasures for timing-based side-channel attacks against shared, modern computing hardware

There are several vulnerabilities in computing systems hardware that can be exploited by attackers to carry out devastating microarchitectural timing-based side-channel attacks against these systems and as a result compromise the security of the users of ...
Read More
An attack scenario and mitigation mechanism for enterprise BYOD environments

The recent proliferation of the Internet of Things (IoT) technology poses major security and privacy concerns. Specifically, the use of personal IoT devices, such as tablets, smartphones, and even smartwatches, as part of the Bring Your Own Device (BYOD)...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in
ACM Computing Surveys Volume 52, Issue 3
May 2020
734 pages
ISSN:0360-0300
EISSN:1557-7341
DOI:10.1145/3341324
Editor:
Sartaj Sahni
Department of Computer and Information Science and Engineering
Issue’s Table of Contents
Copyright © 2019 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 18 June 2019
- Accepted: 1 February 2019
- Revised: 1 October 2018
- Received: 1 June 2017
Published in csur Volume 52, Issue 3

Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
Information-centric network security
attack classification
countermeasures
threat analysis
Qualifiers
- survey
- Research
- Refereed
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 20
  Total Citations
  View Citations
- 813
  Total Downloads
- Downloads (Last 12 months)52
- Downloads (Last 6 weeks)9
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format .

View HTML Format

Naming Content on the Network Layer: A Security Analysis of the Information-Centric Network Model

ACM Computing Surveys

Abstract

References

Cited By

Index Terms

Recommendations

Denial of Service against the Domain Name System

Countermeasures for timing-based side-channel attacks against shared, modern computing hardware

An attack scenario and mitigation mechanism for enterprise BYOD environments