NDN is a content-centric networking architecture using globally addressable information objects, created by publishers and cached by network nodes to be later accessed by subscribers. Content poisoning attacks consist in the substi-tution by an intruder publisher of bogus objects for genuine ones created by an honest publisher. With valid credentials stolen from an honest publisher, such attacks seem unstoppa-ble unless object recipients can afford costly object content verification. We argue that limited-time validity of stolen cre-dentials gives rise to a mitigation scheme that does without such verification; instead, propagation of trust in an object is carefully designed. We formulate NDN, trust, and intruder models, and specify the mitigation scheme as a Markovian infection process on a graph, whose desirable properties we establish. We validate through simulations that bogus and genuine objects can be distinguished in a probabilistic sense, and evaluate several introduced measures of interest.
Autorzy
Informacje dodatkowe
- Kategoria
- Aktywność konferencyjna
- Typ
- publikacja w wydawnictwie zbiorowym recenzowanym (także w materiałach konferencyjnych)
- Język
- angielski
- Rok wydania
- 2019
