Towards Loop-Free Forwarding of Anonymous Internet Datagrams that Enforce Provenance

The way in which addressing and forwarding are implemented in the Internet constitutes one of its biggest privacy and security challenges. The fact that source addresses in Internet datagrams cannot be trusted makes the IP Internet inherently vulnerable to DoS and DDoS attacks. The Internet forwarding plane is open to attacks to the privacy of datagram sources, because source addresses in Internet datagrams have global scope. The fact an Internet datagrams are forwarded based solely on the destination addresses stated in datagram headers and the next hops stored in the forwarding information bases (FIB) of relaying routers allows Internet datagrams to traverse loops, which wastes resources and leaves the Internet open to further attacks. We introduce PEAR (Provenance Enforcement through Addressing and Routing), a new approach for addressing and forwarding of Internet datagrams that enables anonymous forwarding of Internet datagrams, eliminates many of the existing DDoS attacks on the IP Internet, and prevents Internet datagrams from looping, even in the presence of routing-table loops.Comment: Proceedings of IEEE Globecom 2016, 4-8 December 2016, Washington, D.C., US

Making Name-Based Content Routing More Efficient than Link-State Routing

The Diffusive Name-based Routing Protocol (DNRP) is introduced for efficient name-based routing in information-centric networks (ICN). DNRP establishes and maintains multiple loop-free routes to the nearest instances of a name prefix using only distance information. DNRP eliminates the need for periodic updates, maintaining topology information, storing complete paths to content replicas, or knowing about all the sites storing replicas of named content. DNRP is suitable for large ICNs with large numbers of prefixes stored at multiple sites. It is shown that DNRP provides loop-free routes to content independently of the state of the topology and that it converges within a finite time to correct routes to name prefixes after arbitrary changes in the network topology or the placement of prefix instances. The result of simulation experiments illustrates that DNRP is more efficient than link-state routing approaches

KALOHA: ike i ke ALOHA

A new family of channel-access schemes  called KALOHA  (for ``Knowledge in ALOHA") is introduced.  KALOHA consists of modifying the pure ALOHA  protocol  by  endowing nodes with knowledge regarding the local times when packets  and acknowledgments are received,  and sharing  estimates of channel utilization at the medium access control (MAC) layer. The only physical-layer feedback needed   in KALOHA is the reception of  correct data packets and their ACKs. A  simple Markov-chain model is used  to  compare the throughput of KALOHA with ALOHA and slotted ALOHA. The analysis takes into account the amount of knowledge that nodes have and  the  effect of  acknowledgments and turnaround latencies.  The results  demonstrate the  benefits  derived from using  and sharing knowledge of channel utilization at the MAC layer.  KALOHA is more stable  than ALOHA and attains  more than double  the throughput of  ALOHA,  without the need for carrier sensing, requiring time slotting at the physical layer, or using other physical-layer mechanisms

A Light-Weight Forwarding Plane for Content-Centric Networks

We present CCN-DART, a more efficient forwarding approach for content-centric networking (CCN) than named data networking (NDN) that substitutes Pending Interest Tables (PIT) with Data Answer Routing Tables (DART) and uses a novel approach to eliminate forwarding loops. The forwarding state required at each router using CCN-DART consists of segments of the routes between consumers and content providers that traverse a content router, rather than the Interests that the router forwards towards content providers. Accordingly, the size of a DART is proportional to the number of routes used by Interests traversing a router, rather than the number of Interests traversing a router. We show that CCN-DART avoids forwarding loops by comparing distances to name prefixes reported by neighbors, even when routing loops exist. Results of simulation experiments comparing CCN-DART with NDN using the ndnSIM simulation tool show that CCN-DART incurs 10 to 20 times less storage overhead

Enabling Correct Interest Forwarding and Retransmissions in a Content Centric Network

We show that the mechanisms used in the name data networking (NDN) and the original content centric networking (CCN) architectures may not detect Interest loops, even if the network in which they operate is static and no faults occur. Furthermore, we show that no correct Interest forwarding strategy can be defined that allows Interest aggregation and attempts to detect Interest looping by identifying Interests uniquely. We introduce SIFAH (Strategy for Interest Forwarding and Aggregation with Hop-Counts), the first Interest forwarding strategy shown to be correct under any operational conditions of a content centric network. SIFAH operates by having forwarding information bases (FIBs) store the next hops and number of hops to named content, and by having each Interest state the name of the requested content and the hop count from the router forwarding an Interest to the content. We present the results of simulation experiments using the ndnSIM simulator comparing CCN and NDN with SIFAH. The results of these experiments illustrate the negative impact of undetected Interest looping when Interests are aggregated in CCN and NDN, and the performance advantages of using SIFAH

A fault-tolerant forwarding strategy for interest-based information centric networks

We show that the forwarding strategies in the named data networking (NDN) architecture and the original content centric networking (CCN) architecture cannot ensure that Interests return the requested data objects when routing-table loops exist in a stable or dynamic network. We also show that no correct Interest forwarding strategy that allows Interest aggregation can be designed solely on the basis of identifying Interests uniquely in order to detect Interest loops. We introduce SIFAH (Strategy for Interest Forwarding and Aggregation with Hop-Counts).  SIFAH prevents or detects Interest loops when Interests are aggregated or forwarded over one or multiple paths. As a result, it is far more efficient than the forwarding strategy in NDN and the original CCN proposal. SIFAH operates by having forwarding information bases (FIB) store the next hops and number of hops to named content prefixes, and by using Interests that state the names of requested content and hop counts that reflect the information in their FIBs