Ertuğrul Doğruluk, Ph.D.

Project: Side-Channel Timing Attacks in Named Data Content Privacy

Date: 2014-2019

Placed: Algoritmi Research Centre-Computer Communications and Networks (CCN), University of Minho, Braga/Portugal

Project Summary

The usage of content distribution and consumption may not be the most suitable approach for IP networks. The Named data network is a network paradigm alternatively proposed to IP networks. It based on caching contents to answer today's applications such as YouTube, Netflix, social networks etc.

The Named Data Network (NDN) is a promising network paradigm for content distribution based on caching. However, it may put consumer privacy at risk, as the adversary may identify the content, the name and the signature (namely a certificate) through side-channel timing responses from the cache of the routers. The adversary may identify the content name and the consumer node by distinguishing between cached and un-cached contents. In order to mitigate the timing attack, effective countermeasure methods have been proposed by other authors, such as random caching, random freshness, and probabilistic caching. In this work, we have implemented a timing attack scenario to evaluate the efficiency of these countermeasures and to demonstrate how the adversary can be detected.

For this goal, a brute force timing attack scenario based on a real topology was developed, which is the first brute force attack model applied in NDN. Results show that the adversary nodes can be effectively distinguished from other legitimate consumers during the attack period. It is also proposed a multi-level mechanism to detect an adversary node. Through this approach, the content distribution performance can be mitigated against the attack.

ndnSIM and ndn-testbed

To implement the attack scenario the ndnSIM and and testbed implementations are used. The testbed has been implement to University of Minho since 2014 for this project purpose. You can check the uminho testbed status by here.

For more detailed C++ and Python NDN project scenarios please visit Ertugrul's github account:

Supervised by

Prof. Antonio Costa

Prof. Joaquim Macedo