TY - GEN
T1 - Trust-based verification attack prevention scheme using tendency of contents request on NDN
AU - Nakano, Hironori
AU - Kato, Hiroya
AU - Haruta, Shuichiro
AU - Yoshida, Masashi
AU - Sasase, Iwao
N1 - Funding Information:
This work is partly supported by the Grant in Aid for Scientific Research (No.17K06440) from Japan Society for Promotion of Science (JSPS)
Publisher Copyright:
© 2019 IEEE.
PY - 2019/11
Y1 - 2019/11
N2 - To realize content distribution, NDN (Named Data Networking) is gathering attention. Since NDN is vulnerable to spreading fake contents, router based verification schemes are proposed to solve this problem. However, routers are vulnerable to the attack which puts a burden to them by verification of contents (verification attack). In order to detect it, the scheme leveraging the fact that the number of the request of unverified contents and the verification of them increase under the attack is proposed. While verification attack can be detected by that scheme, the attack has already occurred. In order to detect the attack before it occurs, in this paper, we propose a trust-based verification attack prevention scheme using tendency of contents request on NDN. We focus on the fact that the access interval to unverified contents tends to be short dramatically just before verification attack occurs. By leveraging this fact, the router determines that verification attack has occurred and restricts requests of all users temporarily. However, in this case, it is impossible to identify attackers, and the requests of legitimate users are also restricted. Therefore, we focus on the fact that legitimate users tend not to request contents in a cache in many cases. Meanwhile, in order to conduct verification attack, attackers need to request such contents for a short time. By giving low trust value to users requesting these contents, a router can identify attackers and restrict only attackers' requests. Our evaluation results show our scheme can detect verification attack before the attack. Furthermore, we clearly demonstrate that our scheme can restrict only attackers' requests.
AB - To realize content distribution, NDN (Named Data Networking) is gathering attention. Since NDN is vulnerable to spreading fake contents, router based verification schemes are proposed to solve this problem. However, routers are vulnerable to the attack which puts a burden to them by verification of contents (verification attack). In order to detect it, the scheme leveraging the fact that the number of the request of unverified contents and the verification of them increase under the attack is proposed. While verification attack can be detected by that scheme, the attack has already occurred. In order to detect the attack before it occurs, in this paper, we propose a trust-based verification attack prevention scheme using tendency of contents request on NDN. We focus on the fact that the access interval to unverified contents tends to be short dramatically just before verification attack occurs. By leveraging this fact, the router determines that verification attack has occurred and restricts requests of all users temporarily. However, in this case, it is impossible to identify attackers, and the requests of legitimate users are also restricted. Therefore, we focus on the fact that legitimate users tend not to request contents in a cache in many cases. Meanwhile, in order to conduct verification attack, attackers need to request such contents for a short time. By giving low trust value to users requesting these contents, a router can identify attackers and restrict only attackers' requests. Our evaluation results show our scheme can detect verification attack before the attack. Furthermore, we clearly demonstrate that our scheme can restrict only attackers' requests.
KW - Content poisoning attack
KW - NDN
KW - Trust value
KW - Verification attack
UR - http://www.scopus.com/inward/record.url?scp=85082970494&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85082970494&partnerID=8YFLogxK
U2 - 10.1109/APCC47188.2019.9026521
DO - 10.1109/APCC47188.2019.9026521
M3 - Conference contribution
AN - SCOPUS:85082970494
T3 - Proceedings of 2019 25th Asia-Pacific Conference on Communications, APCC 2019
SP - 159
EP - 164
BT - Proceedings of 2019 25th Asia-Pacific Conference on Communications, APCC 2019
A2 - Bao, Vo Nguyen Quoc
A2 - Thanh, Tran Thien
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 25th Asia-Pacific Conference on Communications, APCC 2019
Y2 - 6 November 2019 through 8 November 2019
ER -