Proactive detection of DDOS attacks in Publish-Subscribe networks

Information centric networking (ICN) using architectures such as Publish-Subscribe Internet Routing Paradigm (PSIRP) or Publish-Subscribe Internet Technology (PURSUIT) has been proposed as an important candidate for the Internet of the future. ICN is an emerging research area that proposes a transformation of the current host centric Internet architecture into an architecture where information items are of primary importance. This change allows network functions such as routing and locating to be optimized based on the information items themselves. The Bloom filter based content delivery is a source routing scheme that is used in the PSIRP/PURSUIT architectures. Although this mechanism solves many issues of today’s Internet such as the growth of the routing table and the scalability problems, it is vulnerable to distributed denial-of-service (DDoS) attacks. In this paper, we present a new content delivery scheme that has the advantages of Bloom filter based approach while at the same time being able to prevent DDoS attacks on the forwarding mechanism. Our security analysis suggests that with the proposed approach, the forwarding plane is able to resist attacks such as DDoS with very high probabilit

On Constructing Persistent Identifiers with Persistent Resolution Targets

Persistent Identifiers (PID) are the foundation referencing digital assets in scientific publications, books, and digital repositories. In its realization, PIDs contain metadata and resolving targets in form of URLs that point to data sets located on the network. In contrast to PIDs, the target URLs are typically changing over time; thus, PIDs need continuous maintenance -- an effort that is increasing tremendously with the advancement of e-Science and the advent of the Internet-of-Things (IoT). Nowadays, billions of sensors and data sets are subject of PID assignment. This paper presents a new approach of embedding location independent targets into PIDs that allows the creation of maintenance-free PIDs using content-centric network technology and overlay networks. For proving the validity of the presented approach, the Handle PID System is used in conjunction with Magnet Link access information encoding, state-of-the-art decentralized data distribution with BitTorrent, and Named Data Networking (NDN) as location-independent data access technology for networks. Contrasting existing approaches, no green-field implementation of PID or major modifications of the Handle System is required to enable location-independent data dissemination with maintenance-free PIDs.Comment: Published IEEE paper of the FedCSIS 2016 (SoFAST-WS'16) conference, 11.-14. September 2016, Gdansk, Poland. Also available online: http://ieeexplore.ieee.org/document/7733372

Information Centric Networking in the IoT: Experiments with NDN in the Wild

This paper explores the feasibility, advantages, and challenges of an ICN-based approach in the Internet of Things. We report on the first NDN experiments in a life-size IoT deployment, spread over tens of rooms on several floors of a building. Based on the insights gained with these experiments, the paper analyses the shortcomings of CCN applied to IoT. Several interoperable CCN enhancements are then proposed and evaluated. We significantly decreased control traffic (i.e., interest messages) and leverage data path and caching to match IoT requirements in terms of energy and bandwidth constraints. Our optimizations increase content availability in case of IoT nodes with intermittent activity. This paper also provides the first experimental comparison of CCN with the common IoT standards 6LoWPAN/RPL/UDP.Comment: 10 pages, 10 figures and tables, ACM ICN-2014 conferenc

Utilizing ICN/CCN for service and VM migration support in virtualized LTE systems

One of the most important concepts used in mobile networks, like LTE (Long Term Evolution) is service continuity. A mobile user moving from one network to another network should not lose an on-going service. In cloud-based (virtualized) LTE systems, services are hosted on Virtual Machines (VMs) that can be moved and migrated across multiple networks to such locations where these services can be well delivered to mobile users. The migration of the (1) VMs and (2) the services running on such VMs, should happen in such a way that the disruption of an on-going service is minimized. In this paper we argue that a technology that can efficiently be used for supporting service and VM migration is the ICN/CCN (Information Centric Networking / Content Centric Networking) technology

CCTCP: A scalable receiver-driven congestion control protocol for content centric networking

Abstract—Content Centric Networking (CCN) is a recently proposed information-centric Internet architecture in which the main network abstraction is represented by location-agnostic content identifiers instead of node identifiers. In CCN each content object is divided into packet-size chunks. When a content object is transferred, routers on the path can cache single chunks which they can use to serve subsequent requests from other users. Since content chunks in CCN may be retrieved from a number of different nodes/caches, implicit-feedback transport protocols will not be able to work efficiently, because it is not possible to set an appropriate timeout value based on RTT estimations given that the data source may change frequently during a flow. In order to address this problem, we propose in this paper a scalable, implicit-feedback congestion control protocol, capable of coping with RTT unpredictability using a novel anticipated interests mechanism to predict the location of chunks before they are actually served. Our evaluation shows that our protocol outperforms similar receiver-driven protocols, in particular when content chunks are scattered across network paths due to reduced cache sizes, long-tail content popularity distribution or the adoption of specific caching policies. I

Towards Disruption Tolerant ICN

Information-Centric Networking (ICN) is a promi- nent topic in current networking research. ICN design signifi- cantly considers the increased demand of scalable and efficient content distribution for Future Internet. However, intermittently connected mobile environments or disruptive networks present a significant challenge to ICN deployment. In this context, delay tolerant networking (DTN) architecture is an initiative that effec- tively deals with network disruptions. Among all ICN proposals, Content Centric Networking (CCN) is gaining more and more interest for its architectural design, but still has the limitation in highly disruptive environment. In this paper, we design a protocol stack referred as CCNDTN which integrates DTN architecture in the native CCN to deal with network disruption. We also present the implementation details of the proposed CCNDTN. We extend CCN routing strategies by integrating Bundle protocol of DTN architecture. The integration of CCN and DTN enriches the connectivity options of CCN architecture in fragmented networks. Furthermore, CCNDTN can be beneficial through the simultaneous use of all available connectivities and opportunistic networking of DTN for the dissemination of larger data items. This paper also highlights the potential use cases of CCNDTN architecture and crucial questions about integrating CCN and DTNComment: ISCC 201