2017, Vol. 32, Issue (3): 585-598. doi: 10.1007/s11390-017-1730-2

Special Issue: Computer Architecture and Systems; Computer Networks and Distributed Computing

• Computer Network and Information Security

Protecting User Privacy in a Multi-Path Information-Centric Network Using Multiple Random-Caches

Wei-Bo Chu¹, Li-Fang Wang¹, Ze-Jun Jiang¹, Alan Chin-Chen Chang², Fellow, IEEE

  1. School of Computer Science and Technology, Northwestern Polytechnical University, Xi'an 710072, China;
  2. Department of Information Engineering and Computer Science, Feng Chia University, Taichung, Taiwan 40724, China
  • Received: 2016-10-03 Revised: 2017-02-21 Online: 2017-05-05 Published: 2017-05-05
  • Contact: 10.1007/s11390-017-1730-2
  • About author: Wei-Bo Chu received his B.S. degree in software engineering in 2005 and his Ph.D. degree in control science and engineering in 2013, both from Xi'an Jiaotong University, Xi'an. From 2011 to 2012 he worked as a visiting researcher at Microsoft Research Asia, Beijing. Since 2013 he has been with the School of Computer Science and Technology, Northwestern Polytechnical University, Xi'an. His research interests include Internet measurement and modeling, traffic analysis, and performance evaluation.
  • Supported by:

    The work was supported by the Young Scientists Fund of the National Natural Science Foundation of China under Grant No. 61502393 and the Aeronautical Science Foundation of China under Grant No. 2014ZD53049.

In-network caching is a fundamental mechanism advocated by information-centric networks (ICNs) for efficient content delivery. However, this new mechanism also brings serious privacy risks due to cache snooping attacks. One effective solution to this problem is random-cache, where the cache in a router randomly mimics a cache hit or a cache miss for each content request/probe. In this paper, we investigate the effectiveness of using multiple random-caches to protect cache privacy in a multi-path ICN. We propose models for characterizing the privacy of multi-path ICNs with random-caches, and analyze two different attack scenarios: 1) prefix-based attacks and 2) suffix-based attacks. Both homogeneous and heterogeneous caches are considered. Our analysis shows that in a multi-path ICN an adversary can potentially gain more privacy information by adopting prefix-based attacks. Furthermore, heterogeneous caches provide much better privacy protection than homogeneous ones under both attacks. The effect of different parameters on the privacy of multi-path random-caches is further investigated, and the comparison with its single-path counterpart is carried out based on numerical evaluations. The analysis and results in this paper provide insights into designing and evaluating multi-path ICNs when we take privacy into consideration.


ISSN 1000-9000 (Print), 1860-4749 (Online)
CN 11-2296/TP

Journal of Computer Science and Technology
Institute of Computing Technology, Chinese Academy of Sciences