Towards a security monitoring plane for named data networking and its application against content poisoning attack
| Autor: | Edgardo Montes de Oca, Guillaume Doyen, Remi Cogranne, Wissam Mallouli, Olivier Festor, Hoang Long Mai, Tan Nguyen |
|---|---|
| Přispěvatelé: | Montimage [Paris], Environnement de Réseaux Autonomes (ERA), Institut Charles Delaunay (ICD), Université de Technologie de Troyes (UTT)-Centre National de la Recherche Scientifique (CNRS)-Université de Technologie de Troyes (UTT)-Centre National de la Recherche Scientifique (CNRS), Laboratoire Modélisation et Sûreté des Systèmes (LM2S), Resilience and Elasticity for Security and ScalabiliTy of dynamic networked systems (RESIST), Inria Nancy - Grand Est, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-Department of Networks, Systems and Services (LORIA - NSS), Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS), TELECOM Nancy, Université de Lorraine (UL) |
| Jazyk: | angličtina |
| Rok vydání: | 2018 |
| Předmět: |
021110 strategic
defence & security studies business.industry Computer science Node (networking) 0211 other engineering and technologies Bayesian network 020206 networking & telecommunications Context (language use) 02 engineering and technology dissemin Information-centric networking Software deployment 0202 electrical engineering electronic engineering information engineering The Internet Relevance (information retrieval) Anomaly detection [INFO]Computer Science [cs] business Computer network |
| Zdroj: | NOMS 2018-2018 IEEE/IFIP Network Operations and Management Symposium NOMS 2018-2018 IEEE/IFIP Network Operations and Management Symposium, 2018, Taipei, Taiwan. ⟨10.1109/noms.2018.8406246⟩ NOMS |
| Popis: | International audience; Named Data Networking (NDN) is the most mature proposal of the Information Centric Networking paradigm, a clean-slate approach for the Future Internet. Although NDN was designed to tackle security issues inherent to IP networks natively, newly introduced security attacks in its transitional phase threaten NDN's practical deployment. Therefore, a security monitoring plane for NDN is indispensable before any potential deployment of this novel architecture in an operating context by any provider. We propose an approach for the monitoring and anomaly detection in NDN nodes leveraging Bayesian Network techniques. A list of monitored metrics is introduced as a quantitative measure to feature the behavior of an NDN node. By leveraging the hypothesis testing theory, a micro detector is developed to detect whenever the metric significantly changes from its normal behavior. A Bayesian network structure that correlates alarms from micro detectors is designed based on the expert knowledge of the NDN specification and the NFD implementation. The relevance and performance of our security monitoring approach are demonstrated by considering the Content Poisoning Attack (CPA), one of the most critical attacks in NDN, through numerous experiment data collected from a real NDN deployment. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|