Security measures of NDN

Security Issues and Counter-measures in Named Data Networking
Team 02 – Group 10
Arvind M (2010103507), Hitesh Kumar R (2010103011), Venkatakrishnan R (2010103551)
Dr. V. Vetriselvi, Associate Professor

Abstract
• Named Data Networking (NDN), like any Internet architecture, is vulnerable to attacks.
• An NDN router is exposed through two of its components: the Content Store (its cache) and the Pending Interest Table (PIT).
• These components are the targets of cache pollution, cache poisoning, Interest flooding and cache privacy attacks.
• This project aims at detecting and mitigating those attacks.

Introduction

Introduction
• Uses names, not host addresses, to route Interests and retrieve content.
• A router contains:
– Content Store (CS) – cache used for content caching and retrieval.
– Forwarding Information Base (FIB) – routing table of name prefixes and corresponding outgoing interfaces (used to forward Interests).
– Pending Interest Table (PIT) – table of Interests that are not yet satisfied (pending), each with the set of incoming interfaces the Interest arrived on.

Introduction
• Named Data Networking was designed to overcome the shortcomings of the IP architecture.
• Caching at routers increases performance but raises privacy concerns.
• There is a constant trade-off between performance and security.

Introduction
Problems?
• The past communication of a user is retained in the cache of every router it transited through.
• Cached voice data, even if encrypted, indicates that a phone call is going on, and its addressing metadata (the content names) can leak who is communicating with whom.
• Breach of privacy!

Introduction
• A false producer may interpose itself and supply bogus content that routers then cache – cache poisoning attack.
• There is no trust mechanism at the router to tell legitimate content from fake content.
• In a cache pollution attack, the goal of the adversary is to force routers (the victims of the attack) to cache non-popular content, evicting the content legitimate users want.
• In an Interest flooding attack, the attacker generates a large number of closely spaced Interest packets, aiming to overflow the PITs of routers.

Related Work

| Paper | Author | Problem dealt | Solution | What we concluded |
|---|---|---|---|---|
| Named data networking for military communication system (2012) | Basil Etefia, Lixia Zhang | Problems with the IP-based protocol in military applications | Named Data Networking replacing the IP protocol | NDN – a future way to get content across the network |
| Scalable NDN forwarding (2012) | Haowei Yuan, Tian Song, Patrick Crowley | Difficulty in designing and evaluating a scalable NDN forwarding node | A forwarding plane with fast name lookup | NDN – scalability issue reasonably solved |
| Supporting seamless mobility in NDN (2012) | Ravishankar, Lo, Zhang, Wang | IP problems with mobility in real-time applications | Three cross-layer, network-assisted seamless mobility schemes | NDN – mobility no longer a problem |
| Effective caching schemes for minimizing inter-ISP traffic in NDN (2012) | Jun Li, Hao Wu, Bin Liu, Jianyuan | Increased inter-ISP traffic across the network | Inter-ISP traffic savings achieved through caching | NDN – caching improves performance |
| Detecting router cache snooping in NDN (2012) | Nonhlanhla Ntuli, Sunyoung Han | Caching at the router makes snooping on data possible | Detects snooping at low-level routers | Detection limited to customers sharing the same router cache |
| Named-data security scheme for NDN (2012) | Hamdane, Serhrouchni, Fadlallah, Fatmi | Existing security needs enhancement | PKI and HIBC proposed to defend against potential attacks | NDN – security still requires enhancement |
| Interest propagation in named data MANETs (2012) | Yu, Dilmaghani, Calo, Sanadidi, Mario Gerla | Mobility and connectivity challenges in MANETs | Listen-First Broadcast-Later and Neighbourhood-Aware Interest forwarding | NDN – decreased bandwidth usage and shorter response time under mobility |
| Supervisor application for content management in NDN (2012) | Kusunoski, Kawahara, Asami | Difficulty in managing copyright violation by content in the network | Deletion of illegal content from the network by the content owner | NDN – provides a firewall for content at routers, but the proposal suffers from security and scaling loopholes |
| Privacy risks in NDN (2012) | Lauinger, Laoutaris, Rodriguez | Privacy issues of caching | Assessing the sensitivity of data is difficult | Privacy of data needs to be ensured |
| Cache privacy in Named Data Networking (2012) | Acs, Conti, Gasti, Ghali, Tsudik | Privacy of both consumers and producers of content | Consumers and producers indicate which content is privacy-sensitive; various algorithms proposed | Trade-off between privacy and latency |
| DoS & DDoS in Named Data Networking (2013) | Gasti, Tsudik, Uzun, Zhang | Cache poisoning and DoS attacks | Identification, assessment and counter-measures to mitigate their effect | Evaluating the effectiveness of counter-measures is difficult |
| Interest flooding attack and countermeasures in NDN (2013) | Afanasyev, Mahadevan, Moiseenko, Uzun, Zhang | DDoS attack – Interest flooding attack | Restrict the number of Interests forwarded – satisfaction-based pushback algorithm | Increased security at the cost of complexity |
| Lightweight mechanism for detection of cache pollution attacks (2013) | Mauro Conti, Paolo Gasti, Marco Teoli | Locality-disruption and false-locality attacks on content | CacheShield – tracks the absolute number of repeated requests and the ratio of repeated requests to cache hits | Does not address attack reaction techniques |

Block Diagram

Proposed System
• Research on security in NDN is scattered across many papers, and some of the proposals have never been implemented in practice.
• We concentrate on the most exposed components of an NDN router, the Content Store and the Pending Interest Table (PIT), and examine their vulnerability to the different attacks.
• We will propose detection and mitigation algorithms for these vulnerabilities, implement them in a simulator, and measure their performance along with the security they provide.

Input and Output
• To the entire system:
– Input: unsecured data transmission through a router with many vulnerabilities.
– Output: secured data transmission and storage, minimising all attacks without affecting the performance of the router.

• To individual modules:

| Module | Input | Output |
|---|---|---|
| Cache Privacy Attack Module | An Interest (request for content) | Content object served without revealing whether it was a cache miss or a cache hit |
| Cache Poisoning Attack Module | Content Store containing legitimate, fake or corrupted contents | Content Store with only legitimate contents (poisoning prevented by limiting the bandwidth given to the adversary) |
| Cache Pollution Attack Module | Content Store holding relevant or irrelevant content objects (cached with the aim of polluting the store) | Content Store with only relevant content objects (irrelevant contents removed and strict action taken against the adversary) |
| Interest Flooding Attack Module | PIT filled with Interests aimed at degrading its performance | Clean PIT (harmful Interests detected and appropriate action taken) |

Details of Each Module

1. Cache Privacy Attack Module
– From whether a request for a content is a cache hit or a cache miss at the router (observable through the response time), an adversary can tell whether that content was previously requested by some user in the same network or organisation.
– So, first, the sensitivity of the content (private or not) is determined by a producer-driven or a consumer-driven approach.
– A special privacy bit in the Interest header (set by the consumer) or in the content header (set by the producer) marks the content as private.

– Requests for non-private cached content always result in a cache hit if the content is present in the Content Store, while requests for private cached content are handled by the random caching algorithm.
– Random caching algorithm:
• The module maintains a counter c_C for each content C. The first request for C is always a cache miss, and c_C is initialised to 0. At the same time k_C is picked from [0, K) according to a distribution on that domain, described by a random variable. Upon each new request for C, the router increments c_C and checks whether c_C <= k_C: if so, it reports a cache miss (serving the Interest as if the content were not cached), otherwise a cache hit.
– Since the number of forced misses is random, an attacker cannot tell from a miss whether a content is private or whether anyone in its network has accessed it.
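The random caching algorithm above, written out as a small Content Store model. This is an added example, not code from the project or from the cited papers: a privacy bit in the Interest (consumer-driven) or stored with the Data (producer-driven) marks content as private, and private content is answered with a forced miss for the first k_C + 1 requests, with k_C drawn from [0, K). The class and method names, and the uniform choice of k_C, are assumptions made here.

```python
"""Random-caching privacy check for a Content Store (added example).

A reported MISS for content that is in fact cached means the router forwards
the Interest upstream (or delays the reply) instead of answering from the CS,
so a requester timing the reply learns nothing about earlier requests.
"""
import random


class PrivacyAwareContentStore:
    def __init__(self, K=8, sampler=None):
        self.K = K
        # k_C sampler: any callable returning an int in [0, K); uniform by default
        self.sampler = sampler or (lambda: random.randrange(K))
        self.store = {}   # name -> (data, producer-driven privacy bit)
        self.c = {}       # name -> request counter c_C (private content only)
        self.k = {}       # name -> threshold k_C (private content only)

    def insert(self, name, data, private=False):
        """Cache a Data packet; `private` is the producer-driven privacy bit."""
        self.store[name] = (data, private)
        self.c.pop(name, None)
        self.k.pop(name, None)

    def lookup(self, name, interest_private=False):
        """Return ("HIT", data) or ("MISS", None) for one Interest."""
        if name not in self.store:
            return "MISS", None
        data, stored_private = self.store[name]
        if not (interest_private or stored_private):
            return "HIT", data                 # non-private: always a real hit
        if name not in self.c:
            self.c[name] = 0                   # first request: always a miss
            self.k[name] = self.sampler()
            return "MISS", None
        self.c[name] += 1
        if self.c[name] <= self.k[name]:
            return "MISS", None                # still inside the random window
        return "HIT", data


def reply_pattern(cs, name, n, interest_private=False):
    """Outcome of n successive Interests for `name`, as seen by a requester."""
    return [cs.lookup(name, interest_private)[0] for _ in range(n)]


if __name__ == "__main__":
    cs = PrivacyAwareContentStore(K=8)
    cs.insert("/video/public/1", b"public data")
    cs.insert("/mail/alice/42", b"private data", private=True)
    print("public :", reply_pattern(cs, "/video/public/1", 4))
    print("private:", reply_pattern(cs, "/mail/alice/42", 8))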

2. Cache Pollution Attack Module
– Routers can learn how requests are distributed by counting how often each content object is returned in response to an Interest.
– Cache pollution can therefore be detected by an algorithm with a learning phase, which establishes the normal retrieval frequency of the contents in the Content Store, and a testing phase, which compares the observed request distribution against that baseline.
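A learning/testing detector of the kind described above, as an added example that is not the project's code and not the exact CacheShield algorithm of the cited paper. In the learning phase it counts Interests per name during normal operation and records the set of names that together receive a fixed share (here 90%) of requests, plus that share as the baseline. In the testing phase it measures, for each window of Interests, the share that falls on the learned popular set; both locality-disruption (many unpopular names) and false-locality (a few unpopular names requested repeatedly) pull that share down, so a drop below the baseline minus a tolerance raises an alarm. The coverage and tolerance values are assumptions, and the traffic is constructed.

```python
"""Frequency-based cache pollution detector (added example, simplified)."""
from collections import Counter


class PollutionDetector:
    def __init__(self, coverage=0.9, tolerance=0.2):
        self.coverage = coverage      # share of learning traffic the popular set must cover
        self.tolerance = tolerance    # allowed drop below baseline before alarming
        self.popular = set()
        self.baseline = 0.0

    def learn(self, names):
        """Learning phase: build the popular set from attack-free Interests."""
        counts = Counter(names)
        total = len(names)
        covered = 0
        for name, n in counts.most_common():
            self.popular.add(name)
            covered += n
            if covered / total >= self.coverage:
                break
        self.baseline = covered / total
        return self.baseline

    def popular_share(self, names):
        """Fraction of a window's Interests that hit the learned popular set."""
        return sum(1 for n in names if n in self.popular) / len(names)

    def check(self, names):
        """Testing phase: (alarm, observed popular share) for one window."""
        share = self.popular_share(names)
        return share < self.baseline - self.tolerance, share


# Constructed traffic: a Zipf-like mix of 100 Interests seen during learning.
NORMAL = (["/vid/1"] * 50 + ["/vid/2"] * 25 + ["/vid/3"] * 15
          + ["/news/x"] * 5 + [f"/rare/{i}" for i in range(5)])
# Locality disruption: 100 Interests for 100 distinct, never-popular names.
DISRUPTION = [f"/junk/{i}" for i in range(100)]
# False locality: two unpopular names hammered, with some real traffic mixed in.
FALSE_LOCALITY = ["/rare/1", "/rare/2"] * 40 + ["/vid/1"] * 20


if __name__ == "__main__":
    det = PollutionDetector()
    print("baseline popular share:", det.learn(NORMAL))
    for label, window in (("normal", NORMAL), ("disruption", DISRUPTION),
                          ("false locality", FALSE_LOCALITY)):
        print(label, det.check(window))
```

The detector only raises an alarm; what the router does next (evicting the offending names, rate-limiting the face they arrive on) is the reaction step the cited work leaves open.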

3. Cache Poisoning Attack Module
– Routers could verify the signature of every content to prevent cache poisoning, but verifying all traffic causes too much overhead.
– Therefore we introduce a trust value T ∈ [0, 1] for each content in a router's cache, calculated from explicit consumer feedback and neighbour feedback.
– T = 1 indicates that the content has been verified; any content with T < 1 is selected for signature verification with probability proportional to 1 - T, so the least trusted content is checked most often.

– New content is assigned T = 0.5. The value increases every time the content is forwarded and decreases whenever the router receives negative feedback.
– When a neighbouring router determines that a given content is corrupted, it issues a special warning Interest on all its interfaces; this is the neighbour feedback.
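The trust-value scheme above in code, as an added example that is not the project's implementation. Every cached content has a trust value T in [0, 1]; T = 1 means its signature has been verified, otherwise the content is chosen for verification with probability taken here as exactly 1 - T. New content starts at T = 0.5, T rises by a step each time the content is forwarded and falls on a negative consumer report or on a neighbour's warning Interest. The step sizes, the "/warn" name prefix for warning Interests, the `verify` hook and the injectable `sampler` are assumptions made here.

```python
"""Trust-value driven probabilistic verification against cache poisoning
(added example)."""
import random


class TrustedContentStore:
    UP = 0.05            # implicit positive feedback per forward (assumed step)
    DOWN = 0.25          # consumer report or neighbour warning (assumed step)
    WARN = "/warn"       # warning Interest name = WARN + content name (assumed)

    def __init__(self, verify, sampler=None):
        self.verify = verify                       # callable(name, data) -> bool
        self.sampler = sampler or random.random    # returns a float in [0, 1)
        self.entries = {}                          # name -> {"data": bytes, "T": float}

    def insert(self, name, data):
        self.entries[name] = {"data": data, "T": 0.5}

    def trust(self, name):
        return self.entries[name]["T"]

    def _adjust(self, name, delta):
        e = self.entries.get(name)
        if e is not None:
            e["T"] = min(1.0, max(0.0, e["T"] + delta))

    def serve(self, name):
        """Called on a cache hit: maybe verify, then forward or drop."""
        e = self.entries.get(name)
        if e is None:
            return "MISS"
        if e["T"] < 1.0 and self.sampler() < 1.0 - e["T"]:
            if not self.verify(name, e["data"]):
                del self.entries[name]             # poisoned: evict, never forward
                return "DROPPED"
            e["T"] = 1.0                           # verified once, never re-checked
        self._adjust(name, self.UP)                # forwarded: trust goes up
        return "FORWARDED"

    def consumer_report(self, name):
        """Explicit consumer feedback: the content received was false."""
        self._adjust(name, -self.DOWN)

    def emit_warning(self, name):
        """Name of the warning Interest a router sends on all its faces."""
        return self.WARN + name

    def on_interest(self, interest_name):
        """Neighbour feedback: apply an incoming warning Interest, if it is one."""
        if not interest_name.startswith(self.WARN + "/"):
            return False
        self._adjust(interest_name[len(self.WARN):], -self.DOWN)
        return True


if __name__ == "__main__":
    cs = TrustedContentStore(verify=lambda name, data: data == b"signed-ok")
    cs.insert("/news/1", b"signed-ok")
    cs.insert("/news/2", b"forged")
    for name in ("/news/1", "/news/2"):
        print(name, [cs.serve(name) for _ in range(4)])
```

A forged object can still be forwarded a few times before the random check catches it; lowering the starting T, or raising DOWN, trades that window against verification overhead.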

4. Interest Flooding Attack Module
– There are two types of Interest flooding attacks, distinguished by the content requested: Interests for non-existent content and Interests for dynamically generated content.
– Interests for non-existent content are never satisfied and expire in the PIT; by tracking how often PIT time-outs occur, and on which interface, we can detect this type of attack.
– For dynamically generated content (which cannot be served from the cache), we set a PIT quota per incoming interface from consumers, to prevent one consumer from flooding the PIT, and per outgoing interface towards the producer, to prevent a DoS attack on the server.
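Both controls above in one PIT model, as an added example that is not the project's code: a per-interface quota on the incoming (consumer) face and on the outgoing (producer) face bounds what a single face can pin in the PIT or push at a producer of dynamically generated content, and per-face time-out tracking flags a face whose recent time-out ratio exceeds a threshold, since Interests for non-existent content never bring back Data. The quota sizes, window, threshold and Interest lifetime are assumptions made here; the traffic in the demo is constructed.

```python
"""PIT quota and time-out tracking against Interest flooding (added example)."""
from collections import defaultdict, deque


class PIT:
    def __init__(self, in_quota=4, out_quota=6, window=10, max_timeout_ratio=0.5):
        self.in_quota = in_quota
        self.out_quota = out_quota
        self.window = window
        self.max_timeout_ratio = max_timeout_ratio
        self.pending = {}                            # name -> (in_face, out_face, expiry)
        self.in_use = defaultdict(int)               # in_face -> entries held
        self.out_use = defaultdict(int)              # out_face -> entries held
        # per in_face history of recent outcomes: 1 = timed out, 0 = satisfied
        self.history = defaultdict(lambda: deque(maxlen=window))
        self.flagged = set()

    def on_interest(self, name, in_face, out_face, now, lifetime=4.0):
        if in_face in self.flagged:
            return "DROP_FLAGGED"
        if name in self.pending:
            return "AGGREGATED"                      # same name already pending
        if self.in_use[in_face] >= self.in_quota:
            return "DROP_IN_QUOTA"                   # consumer face over quota
        if self.out_use[out_face] >= self.out_quota:
            return "DROP_OUT_QUOTA"                  # protects the producer
        self.pending[name] = (in_face, out_face, now + lifetime)
        self.in_use[in_face] += 1
        self.out_use[out_face] += 1
        return "FORWARDED"

    def _release(self, in_face, out_face):
        self.in_use[in_face] -= 1
        self.out_use[out_face] -= 1

    def on_data(self, name):
        """Data arrived: satisfy the entry and count a success for its face."""
        entry = self.pending.pop(name, None)
        if entry is None:
            return False                             # unsolicited Data
        in_face, out_face, _ = entry
        self._release(in_face, out_face)
        self.history[in_face].append(0)
        return True

    def expire(self, now):
        """Time out stale entries; flag faces whose time-out ratio is too high."""
        expired = [n for n, (_, _, exp) in self.pending.items() if exp <= now]
        for name in expired:
            in_face, out_face, _ = self.pending.pop(name)
            self._release(in_face, out_face)
            self.history[in_face].append(1)
            if (len(self.history[in_face]) >= self.window
                    and self.timeout_ratio(in_face) > self.max_timeout_ratio):
                self.flagged.add(in_face)
        return expired

    def timeout_ratio(self, face):
        h = self.history[face]
        return sum(h) / len(h) if h else 0.0


if __name__ == "__main__":
    pit = PIT()
    for rnd in range(3):          # attacker on face "A" sends 6 bogus names per round
        now = 5.0 * rnd
        print([pit.on_interest(f"/nx/{rnd}/{i}", "A", "P", now) for i in range(6)])
        pit.expire(now + 5.0)
    print("flagged:", pit.flagged, "ratio:", pit.timeout_ratio("A"))
```

The quota alone only slows the attacker down (expired entries free the quota again); the time-out history is what eventually cuts the face off, and the window length sets how long that takes.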

Cache Privacy Attack Module (Pseudo-Code)
• Input: Interest Header (specifically privacy bit)
• Output: Cache Hit or Cache miss


Cache Pollution Attack Module (Pseudo-Code)
• Establishing the standard for the normal retrieval frequency of content from the Content Store (how many cache hits for a standard number of cache requests)
• Input: standard cache hits for standard cache requests, standard cache requests
• Output: empty the cache or not


Cache Poisoning Attack Module (Pseudo-Code)
• Input: Neighbour Feedback, Trust value (if present), Consumer Feedback
• Output: Verification required or not


Flooding Attack Module (Pseudo-Code)
• Input: Standard PIT quota for a single consumer, Standard number of timeouts for some standard number of requests, interest requests, timeout
• Output: Discarding the request or not, Clearing the PIT or not


Feedback
Consumer feedback
• To report on the sensitivity of data
• To claim that the content received is a false one
Neighbour feedback
• To receive warnings from the neighbouring routers
• To correct the priority of data in the CS based on the received warning


Demonstration
• At the end of this project, the security and privacy concerns related to the NDN router will be addressed and analysed in detail, and the router will be made more secure through the prevention and detection techniques described above. We point out all the possible strategies to mitigate the attacks the router has to deal with.
• The simulation will be demonstrated and explained clearly, using ndnSIM. The security components may cost some performance; we aim for a balance between security and performance.

Tools
• ndnSIM is used to model the router and its functionality.
• Its existing components (Content Store, Pending Interest Table) are extended to accommodate our security features.

Performance Evaluation
• Performance will be measured to make sure it is not degraded by the extra security modules in our modified prototype. Security will be measured by running the attacks against the prototype to prove its worth.
• Comparisons will be made with the standard TCP/IP protocol stack in terms of performance, security and feasibility, and the NDN router with our security modules will be compared against an NDN router without them.

Performance Evaluation
• For the privacy check, performance is measured as the degree of randomness in Content Store access for Interests with the privacy bit set.
• The larger the randomness of the cache-hit decision, the greater the privacy achieved.
• For the pollution check, the higher the retrieval frequency of a content object in the Content Store, the longer its lifetime in the cache.

Performance Evaluation
• For the poisoning attack, performance is measured as the number of content objects in the Content Store correctly marked as legitimate.
• This measurement depends on correct feedback from consumers and neighbouring routers.
• For the flooding attack, performance is determined by the number of Interests for non-existent content correctly discarded.
• This is measured by setting an appropriate time-out when an Interest packet is issued.

References
[1] G. Acs, M. Conti, P. Gasti, C. Ghali, G. Tsudik, "Cache Privacy in Named-Data Networking", in Proceedings of ICDCS 2013, 2013.
[2] A. Chaabane, E. De Cristofaro, M. A. Kaafar, E. Uzun, "Privacy in Content-Oriented Networking: Threats and Countermeasures", in ACM SIGCOMM Computer Communication Review (CCR), July 2013.
[3] M. Conti, P. Gasti, M. Teoli, "A Lightweight Mechanism for Detection of Cache Pollution Attacks in Named Data Networking", in Elsevier Computer Networks (COMNET), Special Issue on Mobile Computing for Content/Service Oriented Networking Architecture, 2013.
[4] P. Gasti, G. Tsudik, E. Uzun, L. Zhang, "DoS & DDoS in Named Data Networking", in Proceedings of ICCCN 2013, 2013.
[5] A. Afanasyev, P. Mahadevan, I. Moiseenko, E. Uzun, L. Zhang, "Interest Flooding Attack and Countermeasures in Named Data Networking", in Proceedings of IFIP Networking 2013, 2013.
[6] H. Yuan, P. Crowley, "Experimental Evaluation of Content Distribution with NDN and HTTP", in Proceedings of IEEE INFOCOM 2013 Mini-Conference, April 2013.
[7] A. Compagno, M. Conti, P. Gasti, G. Tsudik, "Poseidon: Mitigating Interest Flooding DDoS Attacks in Named Data Networking", in 38th Annual IEEE Conference on Local Computer Networks (LCN 2013), 2013.
[8] V. Jacobson, D. K. Smetters, J. D. Thornton, M. F. Plass, N. H. Briggs, R. L. Braynard, "Networking Named Content", in CoNEXT 2009, Rome, December 2009.
[9] CCNx Node Model, http://www.ccnx.org/releases/latest/doc/technical/CCNxProtocol.html
[10] Content Centric Networking (CCNx) project, http://www.ccnx.org