Content-Centric Networking at Internet Scale through The Integration of Name Resolution and Routing

We introduce CCN-RAMP (Routing to Anchors Matching Prefixes), a new approach to content-centric networking. CCN-RAMP offers all the advantages of the Named Data Networking (NDN) and Content-Centric Networking (CCNx) but eliminates the need to either use Pending Interest Tables (PIT) or lookup large Forwarding Information Bases (FIB) listing name prefixes in order to forward Interests. CCN-RAMP uses small forwarding tables listing anonymous sources of Interests and the locations of name prefixes. Such tables are immune to Interest-flooding attacks and are smaller than the FIBs used to list IP address ranges in the Internet. We show that no forwarding loops can occur with CCN-RAMP, and that Interests flow over the same routes that NDN and CCNx would maintain using large FIBs. The results of simulation experiments comparing NDN with CCN-RAMP based on ndnSIM show that CCN-RAMP requires forwarding state that is orders of magnitude smaller than what NDN requires, and attains even better performance

Data Structures and Algorithms for Scalable NDN Forwarding

Named Data Networking (NDN) is a recently proposed general-purpose network architecture that aims to address the limitations of the Internet Protocol (IP), while maintaining its strengths. NDN takes an information-centric approach, focusing on named data rather than computer addresses. In NDN, the content is identified by its name, and each NDN packet has a name that specifies the content it is fetching or delivering. Since there are no source and destination addresses in an NDN packet, it is forwarded based on a lookup of its name in the forwarding plane, which consists of the Forwarding Information Base (FIB), Pending Interest Table (PIT), and Content Store (CS). In addition, as an in-network caching element, a scalable Repository (Repo) design is needed to provide large-scale long-term content storage in NDN networks. Scalable NDN forwarding is a challenge. Compared to the well-understood approaches to IP forwarding, NDN forwarding performs lookups on packet names, which have variable and unbounded lengths, increasing the lookup complexity. The lookup tables are larger than in IP, requiring more memory space. Moreover, NDN forwarding has a read-write data plane, requiring per-packet updates at line rates. Designing and evaluating a scalable NDN forwarding node architecture is a major effort within the overall NDN research agenda. The goal of this dissertation is to demonstrate that scalable NDN forwarding is feasible with the proposed data structures and algorithms. First, we propose a FIB lookup design based on the binary search of hash tables that provides a reliable longest name prefix lookup performance baseline for future NDN research. We have demonstrated 10 Gbps forwarding throughput with 256-byte packets and one billion synthetic forwarding rules, each containing up to seven name components. Second, we explore data structures and algorithms to optimize the FIB design based on the specific characteristics of real-world forwarding datasets. Third, we propose a fingerprint-only PIT design that reduces the memory requirements in the core routers. Lastly, we discuss the Content Store design issues and demonstrate that the NDN Repo implementation can leverage many of the existing databases and storage systems to improve performance

Information-Centric Design and Implementation for Underwater Acoustic Networks

Over the past decade, Underwater Acoustic Networks (UANs) have received extensive attention due to their vast benefits in academia and industry alike. However, due to the overall magnitude and harsh characteristics of underwater environments, standard wireless network techniques will fail because current technology and energy restrictions limit underwater devices due to delayed acoustic communications. To help manage these limitations we utilize Information-Centric Networking (ICN). More importantly, we look at ICN\u27s paradigm shift from traditional TCP/IP architecture to improve data handling and enhance network efficiency. By utilizing some of ICN\u27s techniques, such as data naming hierarchy, we can reevaluate each component of the network\u27s protocol stack given current underwater limitations to study the vast solutions and perspectives Information-Centric architectures can provide to UANs. First, we propose a routing strategy used to manage and route large data files in a network prone to high mobility. Therefore, due to UANs limited transmitting capability, we passively store sensed data and adaptively find the best path. Furthermore, we introduce adapted Named Data Networking (NDN) components to improve upon routing robustness and adaptiveness. Beyond naming data, we use tracers to assist in tracking stored data locations without using other excess means such as flooding. By collaborating tracer consistency with routing path awareness our protocol can adaptively manage faulty or high mobility nodes. Through this incorporation of varied NDN techniques, we are able to see notable improvements in routing efficiency. Second, we analyze the effects of Denial of Service (DoS) attacks on upper layer protocols. Since UANs are typically resource restrained, malicious users can advantageously create fake traffic to burden the already constrained network. While ICN techniques only provide basic DoS restriction we must expand our detection and restriction technique to meet the unique demands of UANs. To provide enhanced security against DoS we construct an algorithm to detect and restrict against these types of attacks while adapting to meet acoustic characteristics. To better extend this work we incorporate three node behavior techniques using probabilistic, adaptive, and predictive approaches for detecting malicious traits. Thirdly, to depict and test protocols in UANs, simulators are commonly used due to their accessibility and controlled testing aspects. For this section, we review Aqua-Sim, a discrete event-driven open-source underwater simulator. To enhance the core aspect of this simulator we first rewrite the current architecture and transition Aqua-Sim to the newest core simulator, NS-3. Following this, we clean up redundant features spread out between the various underwater layers. Additionally, we fully integrate the diverse NS-3 API within our simulator. By revamping previous code layout we are able to improve architecture modularity and child class expandability. New features are also introduced including localization and synchronization support, busy terminal problem support, multi-channel support, transmission range uncertainty modules, external noise generators, channel trace-driven support, security module, and an adapted NDN module. Additionally, we provide extended documentation to assist in user development. Simulation testing shows improved memory management and continuous validity in comparison to other underwater simulators and past iterations of Aqua-Sim

Deux défis des Réseaux Logiciels : Relayage par le Nom et Vérification des Tables

The Internet changed the lives of network users: not only it affects users' habits, but it is also increasingly being shaped by network users' behavior.Several new services have been introduced during the past decades (i.e. file sharing, video streaming, cloud computing) to meet users' expectation.As a consequence, although the Internet infrastructure provides a good best-effort service to exchange information in a point-to-point fashion, this is not the principal need that todays users request. Current networks necessitate some major architectural changes in order to follow the upcoming requirements, but the experience of the past decades shows that bringing new features to the existing infrastructure may be slow.In this thesis work, we identify two main aspects of the Internet evolution: a “behavioral” aspect, which refers to a change occurred in the way users interact with the network, and a “structural” aspect, related to the evolution problem from an architectural point of view.The behavioral perspective states that there is a mismatch between the usage of the network and the actual functions it provides. While network devices implement the simple primitives of sending and receiving generic packets, users are really interested in different primitives, such as retrieving or consuming content. The structural perspective suggests that the problem of the slow evolution of the Internet infrastructure lies in its architectural design, that has been shown to be hardly upgradeable.On the one hand, to encounter the new network usage, the research community proposed the Named-data networking paradigm (NDN), which brings the content-based functionalities to network devices.On the other hand Software-defined networking (SDN) can be adopted to simplify the architectural evolution and shorten the upgrade-time thanks to its centralized software control plane, at the cost of a higher network complexity that can easily introduce some bugs. SDN verification is a novel research direction aiming to check the consistency and safety of network configurations by providing formal or empirical validation.The talk consists of two parts. In the first part, we focus on the behavioral aspect by presenting the design and evaluation of “Caesar”, a content router that advances the state-of-the-art by implementing content-based functionalities which may coexist with real network environments.In the second part, we target network misconfiguration diagnosis, and we present a framework for the analysis of the network topology and forwarding tables, which can be used to detect the presence of a loop at real-time and in real network environments.Cette thèse aborde des problèmes liés à deux aspects majeurs de l’évolution d’Internet : l’aspect >, qui correspond aux nouvelles interactions entre les utilisateurs et le réseau, et l’aspect >, lié aux changements d’Internet d’un point de vue architectural.Le manuscrit est composé d’un chapitre introductif qui donne les grandes lignes de recherche de ce travail de thèse, suivi d’un chapitre consacré à la description de l’état de l’art sur les deux aspects mentionnés ci-dessus. Parmi les solutions proposées par la communauté scientifique pour s'adapter à l’évolution d’Internet, deux nouveaux paradigmes réseaux sont particulièrement décrits : Information- Centric Networking (ICN) et Software-Defined Networking (SDN).La thèse continue avec la proposition de >, un dispositif réseau, inspiré par ICN, capable de gérer la distribution de contenus à partir de primitives de routage basées sur le nom des données et non les adresses des serveurs. Caesar est présenté dans deux chapitres, qui décrivent l’architecture et deux des principaux modules : le relayage et la gestion de la traçabilité des requêtes.La suite du manuscrit décrit un outil mathématique pour la détection efficace de boucles dans un réseau SDN d’un point de vue théorique. Les améliorations de l’algorithme proposé par rapport à l’état de l’art sont discutées.La thèse se conclue par un résumé des principaux résultats obtenus et une présentation des travaux en cours et futurs