Backscatter from the Data Plane --- Threats to Stability and Security in Information-Centric Networking

TL;DR

This paper analyzes security threats and stability issues in Information-Centric Networking, focusing on how data plane vulnerabilities can be exploited and discussing potential mitigation strategies.

Contribution

It provides a theoretical and experimental analysis of control-data plane coupling vulnerabilities in ICN and explores new attack vectors and mitigation possibilities.

Findings

Coupling of control and data planes can be exploited for attacks.

Resource-performance relations impact network stability.

Mitigation strategies have limitations in current ICN implementations.

Abstract

Information-centric networking proposals attract much attention in the ongoing search for a future communication paradigm of the Internet. Replacing the host-to-host connectivity by a data-oriented publish/subscribe service eases content distribution and authentication by concept, while eliminating threats from unwanted traffic at an end host as are common in today's Internet. However, current approaches to content routing heavily rely on data-driven protocol events and thereby introduce a strong coupling of the control to the data plane in the underlying routing infrastructure. In this paper, threats to the stability and security of the content distribution system are analyzed in theory and practical experiments. We derive relations between state resources and the performance of routers and demonstrate how this coupling can be misused in practice. We discuss new attack vectors present in its current state of development, as well as possibilities and limitations to mitigate them.