Name Filter: A Countermeasure against Information Leakage Attacks in Named Data Networking

International audienceNamed Data Networking (NDN) has emerged as a future networking architecture having thepotential to replace the Internet. In order to do so, NDN needs to cope with inherent problems of the Internetsuch as attacks that cause information leakage from an enterprise. Since NDN has not yet been deployed ona large scale, it is currently unknown how such attacks can occur, let alone what countermeasures can betaken against them. In this study, we first show that information leakage in NDN, can be caused by malwareinside an enterprise, which uses steganography to produce malicious Interest names encoding confidentialinformation. We investigate such attacks by utilizing a content name dataset based on uniform resourcelocators (URLs) collected by a web crawler. Our main contribution is a name filter based on anomalydetection that takes the dataset as input and classifies a name in the Interest as legitimate or not. Ourevaluation shows that malware can exploit the path part in the URL-based NDN name to create maliciousnames, thus, information leakage in NDN cannot be prevented completely. However, we illustrate for thefirst time that our filter can dramatically choke the leakage throughput causing the malware to be 137 timesless efficient at leaking information. This finding opens up an interesting avenue of research that could resultin a safer future networking architecture