Please use this identifier to cite or link to this item:

TitlePublic key certificate privacy in VoNDN: voice over named data networks
Author(s)Dogruluk, Ertugrul
Gama, Óscar Sílvio Marques Almeida
Costa, António
Macedo, Joaquim
Public key
IP networks
Data privacy
certificate privacy
a side-channel timing attack
Issue date2020
JournalIEEE Access
CitationE. Dogruluk, Ó. Gama, A. D. Costa and J. Macedo, "Public Key Certificate Privacy in VoNDN: Voice Over Named Data Networks," in IEEE Access, vol. 8, pp. 145803-145823, 2020, doi: 10.1109/ACCESS.2020.3014898.
Abstract(s)Named Data Network (NDN) is a network paradigm that attempts to answer today's needs for distribution. One of the NDN key features is in-network caching to increase content distribution and network efficiency. However, this feature may increase the privacy concerns, as the adversary may identify the call history, and the callee/caller location through side-channel timing responses from the cache of trusted Voice over NDN (VoNDN) application routers. The side-channel timing attack can be mitigated by countermeasures, such as additional unpredictable delay, random caching, group signatures, and no-caching configurations. However, the content distribution may be affected by pre-configured countermeasures, which may be against the original purpose of NDN. In this work, the detection and defense (DaD) approach is proposed to mitigate the attack efficiently and effectively. With the DaD usage, an attack can be detected by a multi-level detection mechanism, in order to apply the countermeasures against the adversarial faces. Also, the detections can be used to determine the severity of the attack. In order to detect the behavior of an adversary, a brute-force timing attack was implemented and simulated of the VoNDN application on NDN-testbed. A trusted application that mimics the VoNDN and identifies the cached certificate on a worldwide NDN-testbed. In simulation primary results showed that the multi-level detection based on DaD mitigated the attack about 39.1% in best-route, and 36.5% in multicast communications. Additionally, the results showed that DaD preserves privacy without compromising the efficiency benefits of in-network caching in the VoNDN application.
DescriptionScenarios were scripted by the C++11 library in ndnSIM 2.6. The scenario implementations and required tools can be publicly accessible at the author’s GitHub account—
Publisher version
AccessOpen access
Appears in Collections:CAlg - Artigos em livros de atas/Papers in proceedings

Files in This Item:
File Description SizeFormat 
Public Key Certificate Privacy in VoNDN Voice Over Named Data Networks.pdf3,83 MBAdobe PDFView/Open

This item is licensed under a Creative Commons License Creative Commons

Partilhe no FacebookPartilhe no TwitterPartilhe no DeliciousPartilhe no LinkedInPartilhe no DiggAdicionar ao Google BookmarksPartilhe no MySpacePartilhe no Orkut
Exporte no formato BibTex mendeley Exporte no formato Endnote Adicione ao seu ORCID