{"title":"Defend against Internet censorship in named data networking","authors":"Xingmin Cui, Yu-hin Tsang, L. Hui, S. Yiu, Bo Luo","doi":"10.1109/ICACT.2016.7423368","DOIUrl":null,"url":null,"abstract":"Named Data Networking (NDN), as a promising next generation network, has several advantages in scalability, mobility and network efficiency compared with IP-based Internet. These advantages come with the usage of named content, powerful routers and intermediate cache. These, however, make censorship in NDN more easily to deploy. In this paper we give an analysis of the possible censorship techniques in NDN and come up with two most effective attacks: name-watchlist attack and deep packet inspection. Existing solutions against censorship in IP-based network and NDN either cannot defend against both attacks or disable the cache mechanism, thus decrease the network efficiency. We propose a scheme which adopts the idea of proxy web servers and brings in the concept of smart routers to partially persevere the functionality of intermediate cache and improve network performance. Security analysis shows that as long as the consumer can connect to a smart router which performs a second-time disguise of the requested name without going through a compromised smart router, he can retrieve his interested Data packet. Simulation result shows that the usage of smart routers helps mitigate the performance overhead to disguise Interest names and Data content.","PeriodicalId":125854,"journal":{"name":"2016 18th International Conference on Advanced Communication Technology (ICACT)","volume":"2674 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 18th International Conference on Advanced Communication Technology (ICACT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICACT.2016.7423368","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3
Abstract
Named Data Networking (NDN), as a promising next generation network, has several advantages in scalability, mobility and network efficiency compared with IP-based Internet. These advantages come with the usage of named content, powerful routers and intermediate cache. These, however, make censorship in NDN more easily to deploy. In this paper we give an analysis of the possible censorship techniques in NDN and come up with two most effective attacks: name-watchlist attack and deep packet inspection. Existing solutions against censorship in IP-based network and NDN either cannot defend against both attacks or disable the cache mechanism, thus decrease the network efficiency. We propose a scheme which adopts the idea of proxy web servers and brings in the concept of smart routers to partially persevere the functionality of intermediate cache and improve network performance. Security analysis shows that as long as the consumer can connect to a smart router which performs a second-time disguise of the requested name without going through a compromised smart router, he can retrieve his interested Data packet. Simulation result shows that the usage of smart routers helps mitigate the performance overhead to disguise Interest names and Data content.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
