CCNcheck: um mecanismo de mitigação para poluição de conteúdos em Redes Centradas em Conteúdo
Abstract
Content-Centric Networking is a proposal for the future Internet, where the data is identified and requested based on its name. Any node that stores a content with the same name can answer to the user. To ensure the data's integrity and authenticity, all contents in the network are digitally signed by its publishers. Nevertheless, make the routers to check the signature of all contents imposes a significative processing overhead. For this reason, the signature verification is optional for routers, and it is not executed by default. Based on this behavior, malicious producers can create polluted versions of contents, therefore reducing their availability. To mitigate this problem, we propose CCNcheck, a mechanism that imposes a probabilistic signature verification by routers. We concluded that CCNchek allows consumers, in specific scenarios, to recover a greater number of valid contents and helps to reduce the waste of network resources used to forward polluted contents.References
Afanasyev, A., Moiseenko, I., and Zhang, L. (2012). ndnSIM: NDN simulator for NS-3. Relatório Técnico NDN-0005, NDN.
Arianfar, S., Koponen, T., Raghavan, B., and Shenker, S. (2011). On Preserving Privacy in Content-Oriented Networks. In ACM SIGCOMM Workshop on Information-Centric Networking, pages 19–24.
BBC. Processo legal contra o Napster. http://news.bbc.co.uk/2/hi/business/1166651.stm (Acessado em 09/09/2013).
Brito, G. M., Velloso, P. B., and Moraes, I. M. (2012). Redes Orientadas a Conteúdo: Um Novo Paradigma para a Internet. In Minicurso Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuidos SBRC, pages 211–264.
Compagno, A. C. M. G. P. and Tsudik, G. (2012). NDN Interest Flooding Attacks and Countermeasures. In ACSAC 2012.
DiBenedetto, S., Gasti, P., Tsudik, G., and Uzun, E. (2012). ANDaNA: Anonymous Named Data Networking Application. In NDSS 2012.
FOTIOU, N., MARIAS, G. F., and POLYZOS, G. C. (2010). Information Ranking in Content-Centric Networks. In Future Network and Mobile Summit, 2010, pages 1–7.
Gasti, P., Tsudik, G., Uzun, E., and Zhang, L. (2012). DoS & DDoS in Named-Data Networking. Online: http://arxiv.org/pdf/1208.0952.pdf.
Jacobson, V., Smetters, D. K., Thornton, J. D., and Plass, M. F. (2009). Networking named content. In International Conference on emerging Networking Experiments and Technologies CoNEXT.
Jacobson, V., Thornton, J. D., Plass, M., Briggs, N., Braynard, R., and Smetters, D. K. (2012). Networking Named Content. Communications of the ACM, 55(1):117–124.
Lee, U., Choi, M., Cho, J., Sanadidi, M. Y., and Gerla, M. (2006). Understanding Pollution Dynamics in P2P File Sharing. In 5th International Workshop on Peer-to-Peer Systems (IPTPS’06).
Liang, J., Kumar, R., Xi, Y., and Ross, K. W. (2005). Pollution in P2P File Sharing Systems. In INFOCOM 2005. 24th Annual Joint Conference of the IEEE Computer and Communications Societies, volume 2, pages 1174–1185.
Lou, X. and Hwang, K. (2009). Collusive Piracy Prevention in P2P Content Delivery Networks. IEEE Transactions on Computers, 58(7):970–983.
NS3. NS-3 Simulator. http://www.nsnam.org (Acessado em 09/09/2013).
Ribeiro, I. C. G., Guimarães, F. Q., Kazienko, J., Rocha, A. A. A., Velloso, P. B., Moraes, I. M., and De Albuquerque, C. V. (2012). Segurança em Redes Centradas em Conteúdo: Vulnerabilidades, Ataques e Contramedidas. Minicurso Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais SBSeg, pages 101–150.
Spring, N., Mahajan, R., and Wetherall, D. (2002). Measuring ISP topologies with rocketfuel. In Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications, pages 133–145. ACM SIGCOMM.
Walsh, K. and Sirer, E. G. (2005). Fighting Peer-to-Peer SPAM and Decoys with Object Reputation. In Workshop on Economics of peer-to-peer systems, pages 138–143. ACM SIGCOMM.
Arianfar, S., Koponen, T., Raghavan, B., and Shenker, S. (2011). On Preserving Privacy in Content-Oriented Networks. In ACM SIGCOMM Workshop on Information-Centric Networking, pages 19–24.
BBC. Processo legal contra o Napster. http://news.bbc.co.uk/2/hi/business/1166651.stm (Acessado em 09/09/2013).
Brito, G. M., Velloso, P. B., and Moraes, I. M. (2012). Redes Orientadas a Conteúdo: Um Novo Paradigma para a Internet. In Minicurso Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuidos SBRC, pages 211–264.
Compagno, A. C. M. G. P. and Tsudik, G. (2012). NDN Interest Flooding Attacks and Countermeasures. In ACSAC 2012.
DiBenedetto, S., Gasti, P., Tsudik, G., and Uzun, E. (2012). ANDaNA: Anonymous Named Data Networking Application. In NDSS 2012.
FOTIOU, N., MARIAS, G. F., and POLYZOS, G. C. (2010). Information Ranking in Content-Centric Networks. In Future Network and Mobile Summit, 2010, pages 1–7.
Gasti, P., Tsudik, G., Uzun, E., and Zhang, L. (2012). DoS & DDoS in Named-Data Networking. Online: http://arxiv.org/pdf/1208.0952.pdf.
Jacobson, V., Smetters, D. K., Thornton, J. D., and Plass, M. F. (2009). Networking named content. In International Conference on emerging Networking Experiments and Technologies CoNEXT.
Jacobson, V., Thornton, J. D., Plass, M., Briggs, N., Braynard, R., and Smetters, D. K. (2012). Networking Named Content. Communications of the ACM, 55(1):117–124.
Lee, U., Choi, M., Cho, J., Sanadidi, M. Y., and Gerla, M. (2006). Understanding Pollution Dynamics in P2P File Sharing. In 5th International Workshop on Peer-to-Peer Systems (IPTPS’06).
Liang, J., Kumar, R., Xi, Y., and Ross, K. W. (2005). Pollution in P2P File Sharing Systems. In INFOCOM 2005. 24th Annual Joint Conference of the IEEE Computer and Communications Societies, volume 2, pages 1174–1185.
Lou, X. and Hwang, K. (2009). Collusive Piracy Prevention in P2P Content Delivery Networks. IEEE Transactions on Computers, 58(7):970–983.
NS3. NS-3 Simulator. http://www.nsnam.org (Acessado em 09/09/2013).
Ribeiro, I. C. G., Guimarães, F. Q., Kazienko, J., Rocha, A. A. A., Velloso, P. B., Moraes, I. M., and De Albuquerque, C. V. (2012). Segurança em Redes Centradas em Conteúdo: Vulnerabilidades, Ataques e Contramedidas. Minicurso Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais SBSeg, pages 101–150.
Spring, N., Mahajan, R., and Wetherall, D. (2002). Measuring ISP topologies with rocketfuel. In Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications, pages 133–145. ACM SIGCOMM.
Walsh, K. and Sirer, E. G. (2005). Fighting Peer-to-Peer SPAM and Decoys with Object Reputation. In Workshop on Economics of peer-to-peer systems, pages 138–143. ACM SIGCOMM.
Published
2013-11-11
How to Cite
RIBEIRO, Igor C. G.; GUIMARÃES, Flávio de Q.; ALBUQUERQUE, Célio V. N.; ROCHA, Antônio A. de A..
CCNcheck: um mecanismo de mitigação para poluição de conteúdos em Redes Centradas em Conteúdo. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 13. , 2013, Manaus.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2013
.
p. 114-127.
DOI: https://doi.org/10.5753/sbseg.2013.19540.
