Mitigating Content Poisoning With Name-Key Based Forwarding and Multipath Forwarding Based Inband Probe for Energy Management in Smart Cities

Xiaoyan Hu; Jian Gong; Guang Cheng; Guoqiang Zhang; Chengyu Fan

doi:10.1109/ACCESS.2018.2854928

IEEE Access (Jan 2018)

Mitigating Content Poisoning With Name-Key Based Forwarding and Multipath Forwarding Based Inband Probe for Energy Management in Smart Cities

Xiaoyan Hu,
Jian Gong,
Guang Cheng,
Guoqiang Zhang,
Chengyu Fan

Affiliations

Xiaoyan Hu: ORCiD; School of Cyber Science and Engineering, Southeast University, Nanjing, China
Jian Gong: School of Cyber Science and Engineering, Southeast University, Nanjing, China
Guang Cheng: School of Cyber Science and Engineering, Southeast University, Nanjing, China
Guoqiang Zhang: School of Computer Science and Technology, Nanjing Normal University, Nanjing, China
Chengyu Fan: Computer Science Department, Colorado State University, Fort Collins, CO, USA

DOI: https://doi.org/10.1109/ACCESS.2018.2854928
Journal volume & issue: Vol. 6
pp. 39692 – 39704

Abstract

Read online

As a promising future Internet architecture, named data networking (NDN) supports namebased routing and caching for content retrieval throughout the network, which enables fast, reliable, and, more importantly, energy-efficient content dissemination in smart cities. However, NDN's vulnerability against the content poisoning attack is considered to decelerate the process of applying NDN to energy management in smart cities. The content poisoning isolates valid content from the network by injecting a poisoned content with a legitimate name into in-network caches. The caching, delivery, and signature verification of poisoned content diminish the advantage of NDN in energy efficiency when it disseminates content in smart cities. This paper focuses on content poisoning mitigation for energy management in smart cities and first analyzes the state of the art and the challenges of content poisoning mitigation. We then propose a light-weight mitigation mechanism by enhancing NDN with a name-key-based forwarding and multipath forwarding-based inband probe. Name-key-based forwarding forwards interests toward content sources trusted by consumers to reduce the injection of poisoned content. If there is still on-path content poisoning, the multipath forwarding of a reissued interest that excludes poisoned content acts as inband probes and invokes on-demand signature verifications at intermediate routers. This purges poisoned content from caches as soon as possible, delivers legitimate content to the present consumer, and restores legitimate content retrieval for future Interests without requiring any out-of-band communications. Our experimental results demonstrate that our proposed content poisoning mitigation mechanism restores legitimate content retrieval pretty soon with relatively small verification overhead at intermediate routers and is well adapted to diverse network settings, which would accelerate the deployment of NDN in smart cities to disseminate content in an energy-efficient way.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords