PIT Overload Analysis in Content Centric Networks - Slides ICN '13

Analysis of the Pending Interest Table behavior in the context of a distributed denial of service attack.
Slides presented at:
3rd ACM SIGCOMM Workshop on Information-Centric Networking (ICN 2013) - Hong Kong, China
The paper is available at:
http://conferences.sigcomm.org/sigcomm/2013/papers/icn/p67.pdf

Transcript

  • 1. PIT Overload Analysis in Content Centric Networks
      ACM SIGCOMM Workshop on Information-Centric Networking – 12/08/2013
      Matteo Virgilio, Guido Marchetto, Riccardo Sisto
      Department of Control and Computer Engineering, Politecnico di Torino
  • 2. A stateful protocol: the Pending Interest Table
      • Used to store all seen Interests
      • One entry for each requested piece of content
      • Multiple Interests for a single name are merged into a single entry (Interest merging)

      CCN router PIT:

      | Name                         | Pending Interfaces |
      |------------------------------|--------------------|
      | /acm.org/papers/paperA.pdf/1 | eth0               |
      | /acm.org/papers/paperB.pdf/1 | eth1               |
      | /acm.org/papers/paperA.pdf/2 | eth0               |
      | /acm.org/papers/paperB.pdf/2 | eth1               |
  • 3. Problem Description
      • Malicious users could craft Interests for non-existent resources: Interest Flooding Attack (IFA)
          – Very long random names
          – Possibly long lifetime values (even hundreds of seconds)
      • Why do we have to consider such “long” requests? The answer is long-polling!
      • Supporting the publish/subscribe paradigm may require storing (potentially unanswered) requests for a long period of time
      • No information about when the response will be generated (routers cannot make any assumption)
      • Simply dropping Interests with a high lifetime is too simplistic
  • 4. What has been done in recent literature?
      • A large part of the research activity has focused on privacy and data integrity issues
      • What about the PIT?
          – Some architecture proposals
              • Bloom filter implementation of the PIT (DiPIT)
              • Hash-based PIT implementation with some interesting variants (Name Prefix Tree encoding)
          – Reactive algorithms for IFA handling:
              • Statistics-based reaction to attackers' activity
              • Poseidon Framework (very recent)
  • 5. Our contribution
      • Simulation-based approach
          – We developed a full custom Java ccnSimulator
      • Different target: evaluating attack impact on a real topology
      • Evaluate different PIT architectures in various network load (and attack) scenarios
  • 6. Simulation scenario
      • Reference topology from Telecom Italia (the most prominent Italian ISP)
      • 9 million subscribers
      • ADSL with 7 Mbps/1 Mbps (downlink/uplink)
      • Zipf content distribution
      • Metrics gathered
          – Chunk retransmission rate at the endpoints
      • Fixed PIT size
          – 1 GB
  • 7. Attack model
      • Distributed botnet
      • Different simulation campaigns
          1) Variable lifeTime
          2) Variable bandwidth
      • Different URI size
          – ≈1000 bytes for the SimplePIT case
          – 20 bytes for the HashedPIT case (SHA-1 as hashing algorithm)
  • 8. Attacker’s transmission efficiency
      • SimplePIT: Interest header (20 bytes) + resource name (1000 bytes)
          Attack efficiency: $\frac{1000\ \text{bytes}}{(20 + 1000)\ \text{bytes}} \approx 98\%$
      • HashedPIT, DiPIT: Interest header (20 bytes) + resource name (20 bytes)
          Attack efficiency: $\frac{20\ \text{bytes}}{(20 + 20)\ \text{bytes}} = 50\%$
  • 9. Simulation Results (1)

      | Attack settings                | SimplePIT retransmissions | SimplePIT RAM usage | HashedPIT retransmissions | HashedPIT RAM usage | DiPIT retransmissions | DiPIT RAM usage |
      |--------------------------------|---------------------------|---------------------|---------------------------|---------------------|-----------------------|-----------------|
      | Band = 100 Mbps, LifeTime = 4 sec   | 0    | 49 MB  | 0    | 25 MB  | 0.01 % | 1 GB |
      | Band = 500 Mbps, LifeTime = 4 sec   | 0    | 245 MB | 0    | 125 MB | 2.42 % | 1 GB |
      | Band = 2 Gbps, LifeTime = 4 sec     | 0    | 980 MB | 0    | 500 MB | 87.6 % | 1 GB |
      | Band = 4 Gbps, LifeTime = 4 sec     | 15 % | FULL   | 83 % | FULL   | 90 %   | 1 GB |
      | Band = 100 Mbps, LifeTime = 60 sec  | 0    | 735 MB | 0    | 375 MB | 21 %   | 1 GB |
      | Band = 100 Mbps, LifeTime = 120 sec | 37 % | FULL   | 0    | 750 MB | 86 %   | 1 GB |
      | Band = 100 Mbps, LifeTime = 180 sec | 52 % | FULL   | ∞    | FULL   | 88 %   | 1 GB |
  • 13. Simulation Results (2)
      • Settings: Band = 100 Mbps, LifeTime = 180 sec
      • Settings: Band = 4 Gbps, LifeTime = 4 sec
  • 14. Conclusion
      • All the architectures work properly in normal network conditions and also in the presence of low-intensity attacks
      • HashedPIT is the most affected PIT in our context
      • Other scenarios could be designed to worsen SimplePIT too
          – Distribute more zombies around the network;
          – Combine both high bandwidth and high lifetime to maximize the attack effectiveness;
          – …
      • Scalable and robust solutions are needed to ensure an adequate level of confidence in the CCN paradigm.
  • 15. Future contribution
      • Very recent solutions have been proposed to mitigate the impact of Interest Flooding Attacks
      • Our plan for the future is to evaluate them in our scenarios in terms of:
          – Resilience
          – CPU usage
          – Memory usage
  • 16. Thank you for the attention!
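
The SimplePIT and HashedPIT RAM-usage figures in the Simulation Results (1) table can be checked against the attack settings and the efficiency ratios on the "Attacker's transmission efficiency" slide. The following is an added example, not the authors' Java ccnSimulator: it models steady-state PIT occupancy as arrival rate × lifetime × efficiency and derives the aggregate Interest bandwidth at which a fixed-size PIT fills, which is the threshold a capacity plan or rate limit has to stay under. It assumes the 1 GB PIT is counted as 1000 MB; all function names are illustrative.

```python
# Added example: steady-state PIT occupancy under an Interest flood.
# Not the authors' Java simulator; function names are illustrative.
PIT_CAPACITY_MB = 1000   # assumption: the fixed 1 GB PIT counted as 1000 MB
HEADER_BYTES = 20        # Interest header size (slide 8)
NAME_BYTES = {"SimplePIT": 1000, "HashedPIT": 20}  # stored per Interest (slide 7)

# (band Mbps, lifetime s, SimplePIT RAM, HashedPIT RAM) as reported on slide 9
SLIDE_9_ROWS = [
    (100, 4, 49, 25), (500, 4, 245, 125), (2000, 4, 980, 500),
    (4000, 4, "FULL", "FULL"), (100, 60, 735, 375),
    (100, 120, "FULL", 750), (100, 180, "FULL", "FULL"),
]


def attack_efficiency(pit_type):
    """Fraction of attack bytes on the wire that become PIT state."""
    name = NAME_BYTES[pit_type]
    return name / (name + HEADER_BYTES)


def pit_usage_mb(band_mbps, lifetime_s, pit_type):
    """Modelled PIT memory in MB, or "FULL" once capacity is reached.

    An unanswered Interest occupies its entry for the whole lifetime, so
    occupancy = arrival rate x lifetime, scaled by the attack efficiency.
    """
    stored = band_mbps / 8 * lifetime_s * attack_efficiency(pit_type)
    return "FULL" if stored >= PIT_CAPACITY_MB else round(stored)


def saturating_band_mbps(lifetime_s, pit_type):
    """Aggregate Interest bandwidth at which the PIT fills (sizing threshold)."""
    return PIT_CAPACITY_MB * 8 / (lifetime_s * attack_efficiency(pit_type))


def mismatches_with_slide_9():
    """Rows where the model disagrees with the reported RAM usage."""
    bad = []
    for band, life, simple, hashed in SLIDE_9_ROWS:
        got = (pit_usage_mb(band, life, "SimplePIT"),
               pit_usage_mb(band, life, "HashedPIT"))
        if got != (simple, hashed):
            bad.append((band, life, got))
    return bad


if __name__ == "__main__":
    print("mismatches:", mismatches_with_slide_9())
    for life in (4, 60, 180):
        print(life, "s:", round(saturating_band_mbps(life, "HashedPIT")), "Mbps")
```

The model covers memory occupancy only; the retransmission percentages and the DiPIT columns come from the simulation and are not reproduced by it.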
