217 research outputs found
Towards Loop-Free Forwarding of Anonymous Internet Datagrams that Enforce Provenance
The way in which addressing and forwarding are implemented in the Internet
constitutes one of its biggest privacy and security challenges. The fact that
source addresses in Internet datagrams cannot be trusted makes the IP Internet
inherently vulnerable to DoS and DDoS attacks. The Internet forwarding plane is
open to attacks to the privacy of datagram sources, because source addresses in
Internet datagrams have global scope. The fact that Internet datagrams are
forwarded based solely on the destination addresses stated in datagram headers
and the next hops stored in the forwarding information bases (FIB) of relaying
routers allows Internet datagrams to traverse loops, which wastes resources and
leaves the Internet open to further attacks. We introduce PEAR (Provenance
Enforcement through Addressing and Routing), a new approach for addressing and
forwarding of Internet datagrams that enables anonymous forwarding of Internet
datagrams, eliminates many of the existing DDoS attacks on the IP Internet, and
prevents Internet datagrams from looping, even in the presence of routing-table
loops. Comment: Proceedings of IEEE Globecom 2016, 4-8 December 2016, Washington,
D.C., US
A Light-Weight Forwarding Plane for Content-Centric Networks
We present CCN-DART, a more efficient forwarding approach for content-centric
networking (CCN) than named data networking (NDN) that substitutes Pending
Interest Tables (PIT) with Data Answer Routing Tables (DART) and uses a novel
approach to eliminate forwarding loops. The forwarding state required at each
router using CCN-DART consists of segments of the routes between consumers and
content providers that traverse a content router, rather than the Interests
that the router forwards towards content providers. Accordingly, the size of a
DART is proportional to the number of routes used by Interests traversing a
router, rather than the number of Interests traversing a router. We show that
CCN-DART avoids forwarding loops by comparing distances to name prefixes
reported by neighbors, even when routing loops exist. Results of simulation
experiments comparing CCN-DART with NDN using the ndnSIM simulation tool show
that CCN-DART incurs 10 to 20 times less storage overhead
Enabling Correct Interest Forwarding and Retransmissions in a Content Centric Network
We show that the mechanisms used in the named data networking (NDN) and the
original content centric networking (CCN) architectures may not detect Interest
loops, even if the network in which they operate is static and no faults occur.
Furthermore, we show that no correct Interest forwarding strategy can be
defined that allows Interest aggregation and attempts to detect Interest
looping by identifying Interests uniquely. We introduce SIFAH (Strategy for
Interest Forwarding and Aggregation with Hop-Counts), the first Interest
forwarding strategy shown to be correct under any operational conditions of a
content centric network. SIFAH operates by having forwarding information bases
(FIBs) store the next hops and number of hops to named content, and by having
each Interest state the name of the requested content and the hop count from
the router forwarding an Interest to the content. We present the results of
simulation experiments using the ndnSIM simulator comparing CCN and NDN with
SIFAH. The results of these experiments illustrate the negative impact of
undetected Interest looping when Interests are aggregated in CCN and NDN, and
the performance advantages of using SIFAH
Method and System for Name Resolution Across Heterogeneous Architectures
One embodiment of the present invention provides a system for resolving a name request in a network comprising a plurality of groups that use different name-resolution schemes. During operation, the system receives, at a first group, the name request; identifies a parent group of the first group, which is a member of the parent group; and in response to failing to resolve the name request within the first group, forwards the name request to the identified parent group
Reversing The Meaning of Node Connectivity for Content Placement in Networks of Caches
It is a widely accepted heuristic in content caching to place the most
popular content at the nodes that are the best connected. The other common
heuristic is somewhat contradictory, as it places the most popular content at
the edge, at the caching nodes nearest the users. We contend that neither
policy is best suited for caching content in a network and propose a simple
alternative that places the most popular content at the least connected node.
Namely, we populate content first at the nodes that have the lowest graph
centrality over the network topology. Here, we provide an analytical study of
this policy over some simple topologies that are tractable, namely regular
grids and trees. Our mathematical results demonstrate that placing popular
content at the least connected nodes outperforms the aforementioned
alternatives in typical conditions