NDN is a content-centric networking architecture using globally addressable information objects, created by publishers and cached by network nodes to be later accessed by subscribers. Content poisoning attacks consist in the substi-tution by an intruder publisher of bogus objects for genuine ones created by an honest publisher. With valid credentials stolen from an honest publisher, such attacks seem unstoppa-ble unless object recipients can afford costly object content verification. We argue that limited-time validity of stolen cre-dentials gives rise to a mitigation scheme that does without such verification; instead, propagation of trust in an object is carefully designed. We formulate NDN, trust, and intruder models, and specify the mitigation scheme as a Markovian infection process on a graph, whose desirable properties we establish. We validate through simulations that bogus and genuine objects can be distinguished in a probabilistic sense, and evaluate several introduced measures of interest.
Authors
Additional information
- Category
- Aktywność konferencyjna
- Type
- publikacja w wydawnictwie zbiorowym recenzowanym (także w materiałach konferencyjnych)
- Language
- angielski
- Publication year
- 2019
