TY - GEN
T1 - Name anomaly detection for ICN
AU - Kondo, Daishi
AU - Silverston, Thomas
AU - Tode, Hideki
AU - Asami, Tohru
AU - Perrin, Olivier
N1 - Funding Information:
This work is supported by DOCTOR Project, funded by French National Research Agency (ANR-14-CE28-0001), and the GreenICN project (GreenICN: Architecture and Applications of Green Information Centric Networking), a research project supported jointly by the European Commission under its 7th Framework Program (contract no. 608518) and the National Institute of Information and Communications Technology (NICT) in Japan (contract no. 167).
Publisher Copyright:
© 2016 IEEE.
PY - 2016/8/22
Y1 - 2016/8/22
N2 - Information leakages are one of the main security threats in today's Internet. As ICN is expected to become the core architecture for Future Internet, it is therefore mandatory to prevent this threat. This paper proves that some ICN configuration prevents information leakages via Data packets and shows that it is an open problem to prevent interest packets from carrying encoded crucial information in their names. Assuming that names in ICN will follow the current URL format commonly used in the Internet, we get the statistics of web URL based on extensive crawling experiments of main internet organizations. Then we propose a simple filtering technique based on these statistics for firewall to detect anomalous names in ICN. The experiment shows that our filtering technique recognizes 15% of names in our dataset as malicious. As the false positive rate is still high for this filter to be used in a real world operation, this work is an important step for detecting anomalous names and preventing information-leakage in ICN.
AB - Information leakages are one of the main security threats in today's Internet. As ICN is expected to become the core architecture for Future Internet, it is therefore mandatory to prevent this threat. This paper proves that some ICN configuration prevents information leakages via Data packets and shows that it is an open problem to prevent interest packets from carrying encoded crucial information in their names. Assuming that names in ICN will follow the current URL format commonly used in the Internet, we get the statistics of web URL based on extensive crawling experiments of main internet organizations. Then we propose a simple filtering technique based on these statistics for firewall to detect anomalous names in ICN. The experiment shows that our filtering technique recognizes 15% of names in our dataset as malicious. As the false positive rate is still high for this filter to be used in a real world operation, this work is an important step for detecting anomalous names and preventing information-leakage in ICN.
UR - http://www.scopus.com/inward/record.url?scp=84987735525&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84987735525&partnerID=8YFLogxK
U2 - 10.1109/LANMAN.2016.7548854
DO - 10.1109/LANMAN.2016.7548854
M3 - Conference contribution
AN - SCOPUS:84987735525
T3 - IEEE Workshop on Local and Metropolitan Area Networks
BT - IEEE LANMAN 2016 - 22nd IEEE International Symposium on Local and Metropolitan Area Networks
PB - IEEE Computer Society
T2 - 22nd IEEE International Symposium on Local and Metropolitan Area Networks, IEEE LANMAN 2016
Y2 - 13 June 2016 through 15 June 2016
ER -