research-article

Privacy in content-oriented networking: threats and countermeasures

Authors:

Abdelberi Chaabane,

Emiliano De Cristofaro,

Mohamed Ali Kaafar,

Ersin UzunAuthors Info & Claims

ACM SIGCOMM Computer Communication Review, Volume 43, Issue 3

Pages 25 - 33

https://doi.org/10.1145/2500098.2500102

Published: 01 July 2013 Publication History

Abstract

As the Internet struggles to cope with scalability, mobility, and security issues, new network architectures are being proposed to better accommodate the needs of modern systems and applications. In particular, Content-Oriented Networking (CON) has emerged as a promising next-generation Internet architecture: it sets to decouple content from hosts, at the network layer, by naming data rather than hosts. CON comes with a potential for a wide range of benefits, including reduced congestion and improved delivery speed by means of content caching, simpler configuration of network devices, and security at the data level. However, it remains an interesting open question whether or not, and to what extent, this emerging networking paradigm bears new privacy challenges. In this paper, we provide a systematic privacy analysis of CON and the common building blocks among its various architectural instances in order to highlight emerging privacy threats, and analyze a few potential countermeasures. Finally, we present a comparison between CON and today's Internet in the context of a few privacy concepts, such as, anonymity, censoring, traceability, and confidentiality.

References

[1]

G. Acs, M. Conti, P. Gasti, C. Ghali, and G. Tsudik. Cache Privacy in Named-Data Networking. In ICDCS, 2013.

Digital Library

[2]

B. Ahlgren, C. Dannewitz, C. Imbrenda, D. Kutscher, and B. Ohlman. A survey of Information-Centric Networking. IEEE Communications Magazine, 50(7), 2012.

[3]

M. Ambrosio, M. Marchisio, V. Vercellone, and et al. Second NetInf Architecture Description. 4WARD Deliverable D6.2, http://www.4ward-project.eu/index.php?id=192, 2010.

[4]

J. Ardelius, B. Grönvall, L. Westberg, and A. Arvidsson. On the effects of caching in access aggregation networks. In ICN, 2012.

Digital Library

[5]

S. Arianfar, T. Koponen, B. Raghavan, and S. Shenker. On preserving privacy in Content-Oriented Networks. In ICN, 2011.

Digital Library

[6]

R. Bendrath and M. Mueller. The End of the Net as We Know It? Deep Packet Inspection and Internet Governance. New Media and Society, 13(7), 2011.

[7]

M. Blaze, G. Bleumer, and M. Strauss. Divertible protocols and atomic proxy cryptography. In EUROCRYPT, 1998.

[8]

D. Boneh, C. Gentry, and B. Waters. Collusion-resistant Broadcast Encryption with Short Ciphertexts and Private Keys. In CRYPTO, 2005.

Digital Library

[9]

S. Borst, V. Gupta, and A. Walid. Distributed Caching Algorithms for Content Distribution Networks. In INFOCOM, 2010.

Digital Library

[10]

J. Boyan. The Anonymizer -- Protecting User Privacy on the Web, 1997.

[11]

A. Broder, M. Mitzenmacher, and A. Broder. Network Applications of Bloom Filters: A Survey. Internet Mathematics, 1, 2002.

[12]

J. Burke, P. Gasti, N. Nathan, and G. Tsudik. Securing Instrumented Environments over Content-Centric Networking: the Case of Lighting Control. In NOMEN, 2013.

[13]

A. Carzaniga, M. J. Rutherford, and A. L. Wolf. A Routing Scheme for Content-Based Networking. In INFOCOM, 2004.

[14]

A. Chaabane, E. De Cristofaro, M. Kaafar, and E. Uzun. Privacy in Content-Oriented Networking: Threats and Countermeasures. http://arxiv.org/abs/1211.5183, 2013.

[15]

D. Chaum. Desinated-confirmer signature systems, 1994. US Patent 5,373,558.

[16]

D. Chaum and E. Van Heyst. Group signatures. In EUROCRYPT, 1991.

Digital Library

[17]

D. L. Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, 24(2), 1981.

Digital Library

[18]

K. Cho, J. Choi, D. Ko, T. Kwon, and Y. Choi. Content-oriented networking as a future internet infrastructure: Concepts, strengths, and application scenarios. In Future Internet Technologies, 2008.

[19]

K. Cho, M. Lee, K. Park, T. Kwon, Y. Choi, and S. Pack. WAVE: Popularity-based and collaborative in-network caching for Content-Oriented Networks. In INFOCOM Workshops, 2012.

[20]

J. Choi, J. Han, E. Cho, T. Kwon, and Y. Choi. A Survey on Content-Oriented Networking for Efficient Content Delivery. IEEE Communications Magazine, 49(3), 2011.

Digital Library

[21]

Cisco, Inc. Cisco Visual Networking Index: Forecast and Methodology, 2011-2016. http://preview.tinyurl.com/3p7v28, 2012.

[22]

C. Dannewitz, J. Golic, B. Ohlman, and B. Ahlgren. Secure Naming for a Network of Information. In INFOCOM Workshops, 2010.

[23]

L. Deng, Y. Gao, Y. Chen, and A. Kuzmanovic. Pollution attacks and defenses for internet caching systems. Comput. Netw., 2008.

Digital Library

[24]

S. DiBenedetto, P. Gasti, G. Tsudik, and E. Uzun. Andana: Anonymous named data networking application. In NDSS, 2012.

[25]

R. Dingledine, N. Mathewson, and P. Syverson. Tor: The Second-Generation Onion Router. In Usenix Security, 2004.

Digital Library

[26]

T. Duong and J. Rizzo. Here come the ninjas. In Ekoparty Security Conference, 2011.

[27]

E. W. Felten and M. A. Schneider. Timing Attacks on Web Privacy. In CCS, 2000.

Digital Library

[28]

A. Fiat and M. Naor. Broadcast Encryption. In CRYPTO, 1994.

Digital Library

[29]

S. Galbraith and W. Mao. Invisibility and anonymity of undeniable and confirmer signatures. In CT-RSA, 2003.

Digital Library

[30]

P. Gasti, G. Tsudik, E. Uzun, and L. Zhang. DoS and DDoS in Named-Data Networking. In ICCCN (To Appear), 2013.

[31]

M. Georgiev, S. Iyengar, S. Jana, R. Anubhai, D. Boneh, and V. Shmatikov. The most dangerous code in the world: validating SSL certificates in non-browser software. In CCS, 2012.

Digital Library

[32]

M. Gritter and D. R. Cheriton. An Architecture for Content Routing Support in the Internet. In USITS, 2001.

Digital Library

[33]

V. Jacobson, D. K. Smetters, J. D. Thornton, M. F. Plass, N. H. Briggs, and R. L. Braynard. Networking Named Content. In CoNEXT, 2009.

Digital Library

[34]

G. Keizer. Hackers may have stolen over 200 SSL certificates. http://www.computerworld.com/s/article/9219663/ Hackers may have stolen over 200 SSL certificates, 2011.

[35]

T. Koponen, M. Chawla, B.-G. Chun, A. Ermolinskiy, K. H. Kim, S. Shenker, and I. Stoica. A Data-Oriented (and beyond) Network Architecture. SIGCOMM Computer Communication Review, 37(4), 2007.

Digital Library

[36]

J. Kubiatowicz, D. Bindel, Y. Chen, S. Czerwinski, P. Eaton, D. Geels, R. Gummadi, S. Rhea, H. Weatherspoon, W. Weimer, C. Wells, and B. Zhao. Oceanstore: an architecture for global-scale persistent storage. SIGPLAN Notes, 35(11), 2000.

Digital Library

[37]

N. Laoutaris, S. Syntila, and I. Stavrakakis. Meta Algorithms for Hierarchical Web Caches. In IPCCC, 2004.

[38]

T. Lauinger, N. Laoutaris, P. Rodriguez, T. Strufe, E. Biersack, and E. Kirda. Privacy Implications of Ubiquitous Caching in Named Data Networking Architectures. Technical report, TR-iSecLab-0812-001, iSecLab, 2012.

[39]

T. Lauinger, N. Laoutaris, P. Rodriguez, T. Strufe, E. Biersack, and E. Kirda. Privacy risks in named data networking: what is the cost of performance? SIGCOMM Computer Communications Review, October 2012.

Digital Library

[40]

S. Le Blond, P. Manils, A. Chaabane, M. A. Kaafar, C. Castelluccia, A. Legout, and W. Dabbous. One bad apple spoils the bunch: exploiting P2P applications to trace and profile Tor users. In LEET, 2011.

Digital Library

[41]

National Science Foundation. NSF Future Internet Architecture Project. http://www.nets-fia.net/, 2010.

[42]

Palo Alto Research Center, Inc. Project CCNx: Interest Message. http://www.ccnx.org/releases/latest/doc/technical/InterestMessage.html, 2012.

[43]

Palo Alto Research Center, Inc. Project CCNx: Open-Source Implementation and Documentation. http://www.ccnx.org/, 2012.

[44]

I. Psaras, W. K. Chai, and G. Pavlou. Probabilistic in-network caching for information-centric networks. In ICN, 2012.

Digital Library

[45]

R. L. Rivest, A. Shamir, and Y. Tauman. How to Leak a Secret. In ASIACRYPT, 2001.

Digital Library

[46]

G. Rossini and D. Rossi. A dive into the caching performance of content centric networking. In CAMAD, 2012.

[47]

G. Rossini and D. Rossi. On sizing CCN content stores by exploiting topological information. In NOMEN, 2012.

[48]

D. Smetters and V. Jacobson. Securing Network Content. Technical Report, www.parc.com/content/attachments/securing-networkcontent-tr.pdf, 2009.

[49]

K. Visala, D. Lagutin, and S. Tarkoma. LANES: An Inter-Domain Data-Oriented Routing Architecture. In ReArch, 2009.

Digital Library

[50]

D. Wessels. Configuring Hierarchical Squid Caches. http://old.squid-cache.org/Doc/Hierarchy-Tutorial/tutorial-1.html.

[51]

D. Wessels and K. Claffy. Internet Caching Protocol -- RFC2186. http://tools.ietf.org/html/rfc2186, 1997.

[52]

W. Wong and P. Nikander. Secure Naming in Information-Centric Networks. In ReARCH, 2010.

Digital Library

[53]

T.-F. Yen, Y. Xie, F. Yu, R. P. Yu, and M. Abadi. Host fingerprinting and tracking on the web: Privacy and security implications. In NDSS, 2012.

[54]

W. You, B. Mathieu, P. Truong, J.-F. Peltier, and G. Simon. Realistic Storage of Pending Requests in Content-Centric Network Routers. In ICC, 2012.

Cited By

Daniel ETschorsch F(2024)Exploring the design space of privacy-enhanced content discovery for bitswapComputer Communications10.1016/j.comcom.2024.01.029217(12-24)Online publication date: Mar-2024
https://doi.org/10.1016/j.comcom.2024.01.029
Zukri NArif AAlSamman MAbrar A(2024)Enabling a Sustainable and Inclusive Digital Future with Proactive Producer Mobility Management Mechanism in Named Data NetworkingComputing and Informatics10.1007/978-981-99-9589-9_26(343-354)Online publication date: 26-Jan-2024
https://doi.org/10.1007/978-981-99-9589-9_26
Daniel ETschorsch F(2023)Privacy-Enhanced Content Discovery for Bitswap2023 IFIP Networking Conference (IFIP Networking)10.23919/IFIPNetworking57963.2023.10186387(1-9)Online publication date: 12-Jun-2023
https://doi.org/10.23919/IFIPNetworking57963.2023.10186387
Show More Cited By

Index Terms

Privacy in content-oriented networking: threats and countermeasures
1. Networks
  1. Network protocols

Recommendations

On preserving privacy in content-oriented networks
ICN '11: Proceedings of the ACM SIGCOMM workshop on Information-centric networking

The recent literature has hailed the benefits of content-oriented network architectures. However, such designs pose a threat to privacy by revealing a user's content requests. In this paper, we study how to ameliorate privacy in such designs. We present ...
Security and Privacy in Digital Libraries: Challenges, Opportunities and Prospects

Technological advances have led to a proliferation of digital libraries over the past decade or so. These offer valuable opportunities for convenient access to information and data, regardless of an individual's location. For librarians though, the ...
Privacy, traceability, and anonymity for content protection
PST '06: Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services

In this paper we are concerned with the privacy, traceability and anonymity for content distribution and protection applications. We believe for many content protection applications, privacy friendly anonymous trust is needed. We argue broadcast ...

Comments

Information & Contributors

Information

Published In

cover image ACM SIGCOMM Computer Communication Review

ACM SIGCOMM Computer Communication Review Volume 43, Issue 3

July 2013

104 pages

ISSN:0146-4833

DOI:10.1145/2500098

Issue’s Table of Contents

Copyright © 2013 Authors.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 July 2013

Published in SIGCOMM-CCR Volume 43, Issue 3

Check for updates

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

96
Total Citations
View Citations
817
Total Downloads

Downloads (Last 12 months)31
Downloads (Last 6 weeks)5

Reflects downloads up to 09 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Daniel ETschorsch F(2024)Exploring the design space of privacy-enhanced content discovery for bitswapComputer Communications10.1016/j.comcom.2024.01.029217(12-24)Online publication date: Mar-2024
https://doi.org/10.1016/j.comcom.2024.01.029
Zukri NArif AAlSamman MAbrar A(2024)Enabling a Sustainable and Inclusive Digital Future with Proactive Producer Mobility Management Mechanism in Named Data NetworkingComputing and Informatics10.1007/978-981-99-9589-9_26(343-354)Online publication date: 26-Jan-2024
https://doi.org/10.1007/978-981-99-9589-9_26
Daniel ETschorsch F(2023)Privacy-Enhanced Content Discovery for Bitswap2023 IFIP Networking Conference (IFIP Networking)10.23919/IFIPNetworking57963.2023.10186387(1-9)Online publication date: 12-Jun-2023
https://doi.org/10.23919/IFIPNetworking57963.2023.10186387
Muscariello LPapalini MRoques OSardara MTran Van A(2023)Securing Scalable Real-time Multiparty Communications with Hybrid Information-centric NetworkingACM Transactions on Internet Technology10.1145/359358523:2(1-20)Online publication date: 19-May-2023
https://dl.acm.org/doi/10.1145/3593585
Yoshinaka YKita KTakemasa JKoizumi YHasegawa T(2023)Programmable Name Obfuscation Framework for Controlling Privacy and Performance on CCNIEEE Transactions on Network and Service Management10.1109/TNSM.2023.327525020:3(2460-2474)Online publication date: 1-Sep-2023
https://dl.acm.org/doi/10.1109/TNSM.2023.3275250
Townley DKim YDouglis FElwell JSerban CWang LAfanasyev AZhang L(2023)Secure NDN Packet EncapsulationICC 2023 - IEEE International Conference on Communications10.1109/ICC45041.2023.10279114(1106-1111)Online publication date: 28-May-2023
https://doi.org/10.1109/ICC45041.2023.10279114
Bardhi EConti MLazzeretti RLosiouk E(2023)Security and Privacy of IP-ICN Coexistence: A Comprehensive SurveyIEEE Communications Surveys & Tutorials10.1109/COMST.2023.329518225:4(2427-2455)Online publication date: 1-Oct-2023
https://dl.acm.org/doi/10.1109/COMST.2023.3295182
Shah MLeau YAnbar MBin-Salem A(2023)Security and Integrity Attacks in Named Data Networking: A SurveyIEEE Access10.1109/ACCESS.2023.323873211(7984-8004)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3238732
Yang YChen H(2023)Generative Target Tracking Method with Improved Generative Adversarial NetworkIET Circuits, Devices & Systems10.1049/2023/66205812023(1-13)Online publication date: 23-Oct-2023
https://doi.org/10.1049/2023/6620581
Rahman AHasan KKundu DIslam MDebnath TBand SKumar N(2023)On the ICN-IoT with federated learning integration of communication: Concepts, security-privacy issues, applications, and future perspectivesFuture Generation Computer Systems10.1016/j.future.2022.08.004138(61-88)Online publication date: Jan-2023
https://doi.org/10.1016/j.future.2022.08.004
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents