Journal article Open Access

The named data networking flow filter: Towards improved security over information leakage attacks

DaishiKondo; Vassilis Vassiliades; Thomas Silverston; Hideki Tode; Tohru Asami


DataCite XML Export

<?xml version='1.0' encoding='utf-8'?>
<resource xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://datacite.org/schema/kernel-4" xsi:schemaLocation="http://datacite.org/schema/kernel-4 http://schema.datacite.org/meta/kernel-4.1/metadata.xsd">
  <identifier identifierType="URL">https://zenodo.org/record/3746700</identifier>
  <creators>
    <creator>
      <creatorName>DaishiKondo</creatorName>
      <affiliation>aOsaka Prefecture University, 1-1 Gakuen-cho, Naka-ku, Sakai City, Osaka 599-8531, Japan</affiliation>
    </creator>
    <creator>
      <creatorName>Vassilis Vassiliades</creatorName>
      <affiliation>bResearch Centre on Interactive Media, Smart Systems and Emerging Technologies, Dimarcheio Lefkosias, Plateia Eleftherias, Nicosia 1500, Cyprus</affiliation>
    </creator>
    <creator>
      <creatorName>Thomas Silverston</creatorName>
      <affiliation>cShibaura Institute of Technology, 307 Fukasaku, Minuma-ku, Saitama City, Saitama 337-8570, Japan</affiliation>
    </creator>
    <creator>
      <creatorName>Hideki Tode</creatorName>
      <affiliation>aOsaka Prefecture University, 1-1 Gakuen-cho, Naka-ku, Sakai City, Osaka 599-8531, Japan</affiliation>
    </creator>
    <creator>
      <creatorName>Tohru Asami</creatorName>
      <affiliation>Advanced Telecommunications Research Institute International, 2-2-2 Hikaridai, Seika-cho, Soraku-gun, Kyoto 619-0288, Japan</affiliation>
    </creator>
  </creators>
  <titles>
    <title>The named data networking flow filter: Towards improved security over information leakage attacks</title>
  </titles>
  <publisher>Zenodo</publisher>
  <publicationYear>2020</publicationYear>
  <dates>
    <date dateType="Issued">2020-05-22</date>
  </dates>
  <language>en</language>
  <resourceType resourceTypeGeneral="Text">Journal article</resourceType>
  <alternateIdentifiers>
    <alternateIdentifier alternateIdentifierType="url">https://zenodo.org/record/3746700</alternateIdentifier>
  </alternateIdentifiers>
  <relatedIdentifiers>
    <relatedIdentifier relatedIdentifierType="DOI" relationType="IsIdenticalTo">10.1016/j.comnet.2020.107187</relatedIdentifier>
    <relatedIdentifier relatedIdentifierType="URL" relationType="IsPartOf">https://zenodo.org/communities/rise-teaming-cyprus</relatedIdentifier>
  </relatedIdentifiers>
  <version>Preprint</version>
  <rightsList>
    <rights rightsURI="https://creativecommons.org/licenses/by-nc-nd/4.0/legalcode">Creative Commons Attribution Non Commercial No Derivatives 4.0 International</rights>
    <rights rightsURI="info:eu-repo/semantics/openAccess">Open Access</rights>
  </rightsList>
  <descriptions>
    <description descriptionType="Abstract">&lt;p&gt;Named Data Networking (NDN) has the potential to create a more secure future Internet. It is therefore crucial to investigate its vulnerabilities in order to make it safer against information leakage attacks. In NDN, malware inside an enterprise can encode condential information into Interest names and send it to the attacker. One of the countermeasures is to inspect a name in the Interest using a name lter and identify it as legitimate or anomalous. Although the name lter can dramatically decrease the information leakage throughput per Interest, it has a serious disadvantage: it does not consider a ow of Interests. This means that the malware can not only cause information leakage, but even improve the speed of the attack by aggressively producing massive ows of malicious Interests. This paper investigates such NDN ow attacks. Our contribution is twofold. First, we present a scheme that converts an HTTP ow into the corresponding NDN ow, as to date there is no publicly available dataset of the latter. Second, we propose an NDN ow lter based on support vector machines to classify the short-term activity of NDN consumers as legitimate or anomalous. In order to obtain legitimate and anomalous ows, we use a preprocessing anomaly detection step where we mark consumers based on their long-term activity. Our results clearly show that the ow lter improves the performance of the name lter by&lt;br&gt;
two orders of&amp;nbsp;magnitude. Thus, we expect that our approach will drastically reduce the impact of this security attack in NDN.&lt;/p&gt;</description>
    <description descriptionType="Other">This work has received funding from the European Union's Horizon 2020 Research and Innovation Programme under Grant Agreement  No 739578 and the Government of the Republic of Cyprus through the Directorate General for European Programmes, Coordination and Development.</description>
  </descriptions>
  <fundingReferences>
    <fundingReference>
      <funderName>European Commission</funderName>
      <funderIdentifier funderIdentifierType="Crossref Funder ID">10.13039/501100000780</funderIdentifier>
      <awardNumber awardURI="info:eu-repo/grantAgreement/EC/H2020/739578/">739578</awardNumber>
      <awardTitle>Research Center on Interactive Media, Smart System and Emerging Technologies</awardTitle>
    </fundingReference>
  </fundingReferences>
</resource>
14
11
views
downloads
Views 14
Downloads 11
Data volume 14.9 MB
Unique views 13
Unique downloads 9

Share

Cite as