A Cache Privacy Protection Mechanism based on Dynamic Address Mapping in Named Data Networking

  • Zhu, Yi (School of Computer Science and Communication Engineering, Jiangsu University) ;
  • Kang, Haohao (School of Computer Science and Communication Engineering, Jiangsu University) ;
  • Huang, Ruhui (School of Computer Science and Communication Engineering, Jiangsu University)
  • Received : 2017.09.03
  • Accepted : 2018.08.09
  • Published : 2018.12.31

Abstract

Named data networking (NDN) is a new network architecture designed for the next-generation Internet. Router-side content caching is one of the key features of NDN; it can reduce redundant transmission, accelerate content distribution and alleviate congestion. However, it also introduces several security problems. One important security risk is cache privacy leakage. By measuring the content retrieval time, an adversary can infer its neighboring users' interest in private content. Focusing on this problem, we propose a cache privacy protection mechanism (named CPPM-DAM) to identify legitimate users and adversaries using a Bloom filter. An optimization for storage cost is further provided to make this mechanism more practical. Simulation results from ndnSIM show that CPPM-DAM can effectively protect cache privacy.
