-
Security and Privacy Analysis of NSF Future Internet Architectures
Authors:
Moreno Ambrosin,
Alberto Compagno,
Mauro Conti,
Cesar Ghali,
Gene Tsudik
Abstract:
The Internet Protocol (IP) is the lifeblood of the modern Internet. Its simplicity and universality have fueled the unprecedented and lasting global success of the current Internet. Nonetheless, some limitations of IP have been emerging in recent years. Its original design envisaged supporting perhaps tens of thousands of static hosts operating in a friendly academic-like setting, mainly in order…
▽ More
The Internet Protocol (IP) is the lifeblood of the modern Internet. Its simplicity and universality have fueled the unprecedented and lasting global success of the current Internet. Nonetheless, some limitations of IP have been emerging in recent years. Its original design envisaged supporting perhaps tens of thousands of static hosts operating in a friendly academic-like setting, mainly in order to facilitate email communication and remote access to scarce computing resources. At present IP interconnects billions of static and mobile devices (ranging from supercomputers to IoT gadgets) with a large and dynamic set of popular applications. Starting in mid-1990s, the advent of mobility, wirelessness and the web substantially shifted Internet usage and communication paradigms. This accentuated long-term concerns about the current Internet architecture and prompted interest in alternative designs.
The U.S. National Science Foundation (NSF) has been one of the key supporters of efforts to design a set of candidate next-generation Internet architectures. As a prominent design requirement, NSF emphasized "security and privacy by design" in order to avoid the long and unhappy history of incremental patching and retrofitting that characterizes the current Internet architecture. To this end, as a result of a competitive process, four prominent research projects were funded by the NSF in 2010: Nebula, Named-Data Networking (NDN), MobilityFirst (MF), and Expressive Internet Architecture (XIA). This paper provides a comprehensive and neutral analysis of salient security and privacy features (and issues) in these NSF-funded Future Internet Architectures. It also compares the four candidate designs with the current IP-based architecture and discusses similarities, differences, and possible improvements.
△ Less
Submitted 10 October, 2016; v1 submitted 2 October, 2016;
originally announced October 2016.
-
Don't Skype & Type! Acoustic Eavesdropping in Voice-Over-IP
Authors:
Alberto Compagno,
Mauro Conti,
Daniele Lain,
Gene Tsudik
Abstract:
Acoustic emanations of computer keyboards represent a serious privacy issue. As demonstrated in prior work, physical properties of keystroke sounds might reveal what a user is typing. However, previous attacks assumed relatively strong adversary models that are not very practical in many real-world settings. Such strong models assume: (i) adversary's physical proximity to the victim, (ii) precise…
▽ More
Acoustic emanations of computer keyboards represent a serious privacy issue. As demonstrated in prior work, physical properties of keystroke sounds might reveal what a user is typing. However, previous attacks assumed relatively strong adversary models that are not very practical in many real-world settings. Such strong models assume: (i) adversary's physical proximity to the victim, (ii) precise profiling of the victim's typing style and keyboard, and/or (iii) significant amount of victim's typed information (and its corresponding sounds) available to the adversary.
This paper presents and explores a new keyboard acoustic eavesdropping attack that involves Voice-over-IP (VoIP), called Skype & Type (S&T), while avoiding prior strong adversary assumptions. This work is motivated by the simple observation that people often engage in secondary activities (including typing) while participating in VoIP calls. As expected, VoIP software acquires and faithfully transmits all sounds, including emanations of pressed keystrokes, which can include passwords and other sensitive information. We show that one very popular VoIP software (Skype) conveys enough audio information to reconstruct the victim's input -- keystrokes typed on the remote keyboard. Our results demonstrate that, given some knowledge on the victim's typing style and keyboard model, the attacker attains top-5 accuracy of 91.7% in guessing a random key pressed by the victim.
Furthermore, we demonstrate that S&T is robust to various VoIP issues (e.g., Internet bandwidth fluctuations and presence of voice over keystrokes), thus confirming feasibility of this attack. Finally, it applies to other popular VoIP software, such as Google Hangouts.
△ Less
Submitted 11 March, 2017; v1 submitted 29 September, 2016;
originally announced September 2016.
-
To NACK or not to NACK? Negative Acknowledgments in Information-Centric Networking
Authors:
Alberto Compagno,
Mauro Conti,
Cesar Ghali,
Gene Tsudik
Abstract:
Information-Centric Networking (ICN) is an internetworking paradigm that offers an alternative to the current IP\nobreakdash-based Internet architecture. ICN's most distinguishing feature is its emphasis on information (content) instead of communication endpoints. One important open issue in ICN is whether negative acknowledgments (NACKs) at the network layer are useful for notifying downstream no…
▽ More
Information-Centric Networking (ICN) is an internetworking paradigm that offers an alternative to the current IP\nobreakdash-based Internet architecture. ICN's most distinguishing feature is its emphasis on information (content) instead of communication endpoints. One important open issue in ICN is whether negative acknowledgments (NACKs) at the network layer are useful for notifying downstream nodes about forwarding failures, or requests for incorrect or non-existent information. In benign settings, NACKs are beneficial for ICN architectures, such as CCNx and NDN, since they flush state in routers and notify consumers. In terms of security, NACKs seem useful as they can help mitigating so-called Interest Flooding attacks. However, as we show in this paper, network-layer NACKs also have some unpleasant security implications. We consider several types of NACKs and discuss their security design requirements and implications. We also demonstrate that providing secure NACKs triggers the threat of producer-bound flooding attacks. Although we discuss some potential countermeasures to these attacks, the main conclusion of this paper is that network-layer NACKs are best avoided, at least for security reasons.
△ Less
Submitted 6 March, 2015;
originally announced March 2015.
-
IRIDE White Book, An Interdisciplinary Research Infrastructure based on Dual Electron linacs&lasers
Authors:
D. Alesini,
M. Alessandroni,
M. P. Anania,
S. Andreas,
M. Angelone,
A. Arcovito,
F. Arnesano,
M. Artioli,
L. Avaldi,
D. Babusci,
A. Bacci,
A. Balerna,
S. Bartalucci,
R. Bedogni,
M. Bellaveglia,
F. Bencivenga,
M. Benfatto,
S. Biedron,
V. Bocci,
M. Bolognesi,
P. Bolognesi,
R. Boni,
R. Bonifacio,
M. Boscolo,
F. Boscherini
, et al. (189 additional authors not shown)
Abstract:
This report describes the scientific aims and potentials as well as the preliminary technical design of IRIDE, an innovative tool for multi-disciplinary investigations in a wide field of scientific, technological and industrial applications. IRIDE will be a high intensity 'particle factory', based on a combination of a high duty cycle radio-frequency superconducting electron linac and of high ener…
▽ More
This report describes the scientific aims and potentials as well as the preliminary technical design of IRIDE, an innovative tool for multi-disciplinary investigations in a wide field of scientific, technological and industrial applications. IRIDE will be a high intensity 'particle factory', based on a combination of a high duty cycle radio-frequency superconducting electron linac and of high energy lasers. Conceived to provide unique research possibilities for particle physics, for condensed matter physics, chemistry and material science, for structural biology and industrial applications, IRIDE will open completely new research possibilities and advance our knowledge in many branches of science and technology. IRIDE will contribute to open new avenues of discoveries and to address most important riddles: What does matter consist of? What is the structure of proteins that have a fundamental role in life processes? What can we learn from protein structure to improve the treatment of diseases and to design more efficient drugs? But also how does an electronic chip behave under the effect of radiations? How can the heat flow in a large heat exchanger be optimized? The scientific potential of IRIDE is far reaching and justifies the construction of such a large facility in Italy in synergy with the national research institutes and companies and in the framework of the European and international research. It will impact also on R&D work for ILC, FEL, and will be complementarity to other large scale accelerator projects. IRIDE is also intended to be realized in subsequent stages of development depending on the assigned priorities.
△ Less
Submitted 30 July, 2013;
originally announced July 2013.
-
Poseidon: Mitigating Interest Flooding DDoS Attacks in Named Data Networking
Authors:
Alberto Compagno,
Mauro Conti,
Paolo Gasti,
Gene Tsudik
Abstract:
Content-Centric Networking (CCN) is an emerging networking paradigm being considered as a possible replacement for the current IP-based host-centric Internet infrastructure. In CCN, named content becomes a first-class entity. CCN focuses on content distribution, which dominates current Internet traffic and is arguably not well served by IP. Named-Data Networking (NDN) is an example of CCN. NDN is…
▽ More
Content-Centric Networking (CCN) is an emerging networking paradigm being considered as a possible replacement for the current IP-based host-centric Internet infrastructure. In CCN, named content becomes a first-class entity. CCN focuses on content distribution, which dominates current Internet traffic and is arguably not well served by IP. Named-Data Networking (NDN) is an example of CCN. NDN is also an active research project under the NSF Future Internet Architectures (FIA) program. FIA emphasizes security and privacy from the outset and by design. To be a viable Internet architecture, NDN must be resilient against current and emerging threats. This paper focuses on distributed denial-of-service (DDoS) attacks; in particular we address interest flooding, an attack that exploits key architectural features of NDN. We show that an adversary with limited resources can implement such attack, having a significant impact on network performance. We then introduce Poseidon: a framework for detecting and mitigating interest flooding attacks. Finally, we report on results of extensive simulations assessing proposed countermeasure.
△ Less
Submitted 1 August, 2013; v1 submitted 19 March, 2013;
originally announced March 2013.
