166,566 research outputs found

    Covert Ephemeral Communication in Named Data Networking

    In the last decade, there has been a growing realization that the current Internet Protocol is reaching the limits of its senescence. This has prompted several research efforts that aim to design potential next-generation Internet architectures. Named Data Networking (NDN), an instantiation of the content-centric approach to networking, is one such effort. In contrast with IP, NDN routers maintain a significant amount of user-driven state. In this paper we investigate how to use this state for covert ephemeral communication (CEC). CEC allows two or more parties to covertly exchange ephemeral messages, i.e., messages that become unavailable after a certain amount of time. Our techniques rely only on network-layer, rather than application-layer, services. This makes our protocols robust, and communication difficult to uncover. We show that users can build high-bandwidth CECs exploiting features unique to NDN: in-network caches, routers' forwarding state and name matching rules. We assess feasibility and performance of proposed covert channels using a local setup and the official NDN testbed.

    Managing scientific data with named data networking

    Many scientific domains, such as climate science and High Energy Physics (HEP), have data management requirements that are not well supported by the IP network architecture. Named Data Networking (NDN) is a new network architecture whose service model is better aligned with the needs of data-oriented applications. NDN provides features such as best-location retrieval, caching, load sharing, and transparent failover that would otherwise be painstakingly (re-)implemented by each application using point-to-point semantics in an IP network. We present the first scientific data management application designed and implemented on top of NDN. We use this application to manage climate and HEP data over a dedicated, high-performance testbed. Our application has two main components: a UI for dataset discovery queries and a federation of synchronized name catalogs. We show how NDN primitives can be used to implement common data management operations such as publishing, search, efficient retrieval, and publication access control.

    Poseidon: Mitigating Interest Flooding DDoS Attacks in Named Data Networking

    Content-Centric Networking (CCN) is an emerging networking paradigm being considered as a possible replacement for the current IP-based host-centric Internet infrastructure. In CCN, named content becomes a first-class entity. CCN focuses on content distribution, which dominates current Internet traffic and is arguably not well served by IP. Named-Data Networking (NDN) is an example of CCN. NDN is also an active research project under the NSF Future Internet Architectures (FIA) program. FIA emphasizes security and privacy from the outset and by design. To be a viable Internet architecture, NDN must be resilient against current and emerging threats. This paper focuses on distributed denial-of-service (DDoS) attacks; in particular we address interest flooding, an attack that exploits key architectural features of NDN. We show that an adversary with limited resources can implement such an attack, having a significant impact on network performance. We then introduce Poseidon: a framework for detecting and mitigating interest flooding attacks. Finally, we report on results of extensive simulations assessing the proposed countermeasure. Comment: The IEEE Conference on Local Computer Networks (LCN 2013)

    Mobility Study for Named Data Networking in Wireless Access Networks

    Information centric networking (ICN) proposes to redesign the Internet by replacing its host-centric design with information-centric design. Communication among entities is established at the naming level, with the receiver side (referred to as the Consumer) acting as the driving force behind content delivery, by interacting with the network through Interest message transmissions. One of the proposed advantages for ICN is its support for mobility, by de-coupling applications from transport semantics. However, so far, little research has been conducted to understand the interaction between ICN and mobility of consuming and producing applications, in protocols purely based on information-centric principles, particularly in the case of NDN. In this paper, we present our findings on the mobility-based performance of Named Data Networking (NDN) in wireless access networks. Through simulations, we show that the current NDN architecture is not efficient in handling mobility and architectural enhancements need to be done to fully support mobility of Consumers and Producers. Comment: to appear in IEEE ICC 201