Content-centric networking is emerging as a credible alternative to host-centric networking, especially in scenarios of large-scale content distribution and where privacy requirements are crucial. Recently, research on content-centric networking has focused on security aspects and proposed solutions aimed to protect the network from attacks targeting the content delivery protocols. Content-centric networks are based on the strong assumption of being able to access genuine content from genuine nodes, which is however unrealistic and could open the door to disruptive attacks. Network node misbehavior, either due to poisoning attacks or malfunctioning, can act as a persistent threat that goes unnoticed and causes dangerous consequences. In this paper, we propose a novel certification methodology for content-centric networks that improves transparency and increases trustworthiness of the network and its nodes. The proposed approach builds on behavioral analysis and implements a continuous certification process that collects evidence from the network nodes and verifies their non-functional properties using a rule-based inference model. Utility, performance, and soundness of our approach have been experimentally evaluated on a simulated Named Data Networking (NDN) network targeting properties availability, integrity, and non-repudiation.

Security Certification Scheme for Content-centric Networks / M. Anisetti, C.A. Ardagna, F. Berto, E. Damiani - In: 2021 IEEE International Conference on Services Computing (SCC)[s.l] : IEEE, 2021. - ISBN 978-1-6654-1683-2. - pp. 203-212 (( convegno SCC tenutosi a Chicago nel 2021 [10.1109/SCC53864.2021.00033].

Security Certification Scheme for Content-centric Networks

M. Anisetti
Primo
;
C.A. Ardagna
Secondo
;
F. Berto
Penultimo
;
E. Damiani
Ultimo
2021

Abstract

Content-centric networking is emerging as a credible alternative to host-centric networking, especially in scenarios of large-scale content distribution and where privacy requirements are crucial. Recently, research on content-centric networking has focused on security aspects and proposed solutions aimed to protect the network from attacks targeting the content delivery protocols. Content-centric networks are based on the strong assumption of being able to access genuine content from genuine nodes, which is however unrealistic and could open the door to disruptive attacks. Network node misbehavior, either due to poisoning attacks or malfunctioning, can act as a persistent threat that goes unnoticed and causes dangerous consequences. In this paper, we propose a novel certification methodology for content-centric networks that improves transparency and increases trustworthiness of the network and its nodes. The proposed approach builds on behavioral analysis and implements a continuous certification process that collects evidence from the network nodes and verifies their non-functional properties using a rule-based inference model. Utility, performance, and soundness of our approach have been experimentally evaluated on a simulated Named Data Networking (NDN) network targeting properties availability, integrity, and non-repudiation.
Content-centric networking; named data networking; security; certification
Settore INF/01 - Informatica
H20_RIA19EDAMI_01 - Cyber security cOmpeteNce fOr Research anD Innovation (CONCORDIA) - DAMIANI, ERNESTO - H20_RIA - Horizon 2020_Research & Innovation Action/Innovation Action - 2019
Book Part (author)
File in questo prodotto:
File Dimensione Formato  
main (26).pdf

accesso riservato

Tipologia: Post-print, accepted manuscript ecc. (versione accettata dall'editore)
Dimensione 440.83 kB
Formato Adobe PDF
440.83 kB Adobe PDF   Visualizza/Apri   Richiedi una copia
Security_Certification_Scheme_for_Content-centric_Networks.pdf

accesso riservato

Tipologia: Publisher's version/PDF
Dimensione 1.02 MB
Formato Adobe PDF
1.02 MB Adobe PDF   Visualizza/Apri   Richiedi una copia
Pubblicazioni consigliate

Caricamento pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/888053
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 1
  • ???jsp.display-item.citation.isi??? 1
social impact