PIT Overload Analysis in Content Centric Networks


SLIDE 1

ACM SIGCOMM Workshop on Information-Centric Networking – 12/08/2013

PIT Overload Analysis in Content Centric Networks

Matteo Virgilio, Guido Marchetto, Riccardo Sisto

Department of Control and Computer Engineering

Politecnico di Torino

SLIDE 2

A stateful protocol: the Pending Interest Table

  • Used to store all seen Interests
  • One entry for each requested piece of content
  • Multiple Interests for a single name are merged in a single entry (Interest merging)

CCN Router PIT:

| Name | Pending Interfaces |
|---|---|
| /acm.org/papers/paperA.pdf/1 | eth0 |
| /acm.org/papers/paperB.pdf/1 | eth1 |
| /acm.org/papers/paperA.pdf/2 | eth0 |
| /acm.org/papers/paperB.pdf/2 | eth1 |
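
A toy PIT showing Interest merging, lifetime expiry and what a fixed memory budget does to new requests. This is an added example, not the authors' simulator code; the `Pit` class, its method names and the rule of charging only the stored key bytes per entry are assumptions made for illustration.

```python
import hashlib

class Pit:
    """Toy Pending Interest Table with Interest merging and a byte budget."""

    def __init__(self, capacity_bytes, hashed=False):
        self.capacity = capacity_bytes
        self.hashed = hashed      # True: key entries by SHA-1(name), 20 bytes
        self.entries = {}         # key -> [expiry_time, set of interfaces]
        self.used = 0             # assumption: only key bytes are charged

    def _key(self, name):
        raw = name.encode()
        return hashlib.sha1(raw).digest() if self.hashed else raw

    def expire(self, now):
        """Drop entries whose lifetime has elapsed and release their bytes."""
        for key in [k for k, (exp, _) in self.entries.items() if exp <= now]:
            self.used -= len(key)
            del self.entries[key]

    def on_interest(self, name, iface, lifetime, now):
        """Return 'merged', 'added' or 'dropped' for one incoming Interest."""
        self.expire(now)
        key = self._key(name)
        if key in self.entries:   # Interest merging: same name, one entry
            entry = self.entries[key]
            entry[0] = max(entry[0], now + lifetime)
            entry[1].add(iface)
            return "merged"
        if self.used + len(key) > self.capacity:
            return "dropped"      # table full: the requester must retransmit
        self.entries[key] = [now + lifetime, {iface}]
        self.used += len(key)
        return "added"

    def on_data(self, name):
        """Consume the entry and return the interfaces to forward Data to."""
        key = self._key(name)
        entry = self.entries.pop(key, None)
        if entry is None:
            return set()
        self.used -= len(key)
        return entry[1]
```

Entries that are never answered stay in the table until their lifetime expires, so a long lifetime keeps the budget occupied and later Interests for legitimate names are dropped.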

SLIDE 3

Problem Description

  • Malicious users could craft Interests for non-existent resources: Interest Flooding Attack (IFA)
    – Very long random names
    – Possibly long lifetime values (even hundreds of seconds)
  • Why do we have to consider such “long” requests? The answer is long-polling!
  • Supporting the publish/subscribe paradigm may require storing long (potentially unanswered) requests for a long period of time
  • No information about when the response will be generated (routers cannot make any assumption)
  • Simply dropping Interests with high lifetime is too simplistic

SLIDE 4

What has been done in recent literature?

  • A large part of the research activity has focused on privacy and data integrity issues
  • What about the PIT?
    – Some architecture proposals
        • Bloom filter implementation of the PIT (DiPIT)
        • Hash based PIT implementation with some interesting variants (Name Prefix Tree encoding)
    – Reactive algorithms for IFA handling:
        • Statistics based reaction to attackers' activity
        • Poseidon Framework (very recent)

SLIDE 5

Our contribution

  • Simulation based approach
    – we developed a full custom Java ccnSimulator
  • Different target: evaluating attack impact on a real topology
  • Evaluate different PIT architectures in various network load (and attack) scenarios

SLIDE 6

Simulation scenario

  • Reference topology from Telecom Italia (the most prominent Italian ISP)
  • 9 million subscribers
  • ADSL with 7 Mbps/1 Mbps (downlink/uplink)
  • Zipf content distribution
  • Metrics gathered
    – Chunk retransmission rate at the endpoints
  • Fixed PIT size
    – 1 GB

SLIDE 7

Attack model

  • Distributed botnet
  • Different simulation campaigns
    1) Variable lifeTime
    2) Variable bandwidth
  • Different URI size
    – ≈1000 bytes for the SimplePIT case
    – 20 bytes for the HashedPIT case (SHA-1 as hashing algorithm)

SLIDE 8

Attacker’s transmission efficiency

SimplePIT
  Interest packet: Interest Header (20 bytes) | Resource name (1000 bytes)
  Attack efficiency: $\frac{1000\ \text{bytes}}{(20 + 1000)\ \text{bytes}} \approx 98\%$

HashedPIT, DiPIT
  Interest packet: Interest Header (20 bytes) | Resource name (20 bytes)
  Attack efficiency: $\frac{20\ \text{bytes}}{(20 + 20)\ \text{bytes}} = 50\%$

SLIDE 9

Simulation Results (1)

| Attack settings | SimplePIT retransmissions | SimplePIT RAM usage | HashedPIT retransmissions | HashedPIT RAM usage | DiPIT retransmissions | DiPIT RAM usage |
|---|---|---|---|---|---|---|
| Band = 100 Mbps, LifeTime = 4 sec | | 49 MB | | 25 MB | 0.01 % | 1 GB |
| Band = 500 Mbps, LifeTime = 4 sec | | 245 MB | | 125 MB | 2.42 % | 1 GB |
| Band = 2 Gbps, LifeTime = 4 sec | | 980 MB | | 500 MB | 87.6 % | 1 GB |
| Band = 4 Gbps, LifeTime = 4 sec | 15 % | FULL | 83 % | FULL | 90 % | 1 GB |
| Band = 100 Mbps, LifeTime = 60 sec | | 735 MB | | 375 MB | 21 % | 1 GB |
| Band = 100 Mbps, LifeTime = 120 sec | 37 % | FULL | | 750 MB | 86 % | 1 GB |
| Band = 100 Mbps, LifeTime = 180 sec | 52 % | FULL | ∞ | FULL | 88 % | 1 GB |
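
A sizing model that ties the attack-efficiency figures to the RAM usage column for SimplePIT and HashedPIT. This is an added example, not the authors' simulator: it assumes steady-state demand = bandwidth × lifetime × efficiency and decimal units (1 GB = 1000 MB), and all function and constant names are hypothetical. DiPIT is left out because its RAM usage is reported as a constant 1 GB.

```python
# Added example: sizing model, not the authors' simulator.
PIT_CAPACITY_BYTES = 1_000_000_000   # "1 GB" fixed PIT size, decimal units assumed
HEADER_BYTES = 20                    # Interest header size from the slides
NAME_BYTES = {"SimplePIT": 1000, "HashedPIT": 20}  # stored name / SHA-1 digest

# (bandwidth in bit/s, lifetime in s) for the seven rows of the results table
SCENARIOS = [(100e6, 4), (500e6, 4), (2e9, 4), (4e9, 4),
             (100e6, 60), (100e6, 120), (100e6, 180)]

def efficiency(name_bytes):
    """Share of each Interest that ends up as PIT state."""
    return name_bytes / (HEADER_BYTES + name_bytes)

def pit_demand_bytes(band_bps, lifetime_s, name_bytes):
    """Assumed steady state: bytes arriving per second, times how long each
    unanswered entry lives, times the share of each packet that is stored."""
    return band_bps / 8 * lifetime_s * efficiency(name_bytes)

def ram_usage(band_bps, lifetime_s, pit):
    """RAM column of the table: 'N MB', or 'FULL' once demand reaches 1 GB."""
    demand = pit_demand_bytes(band_bps, lifetime_s, NAME_BYTES[pit])
    return "FULL" if demand >= PIT_CAPACITY_BYTES else f"{round(demand / 1e6)} MB"

def seconds_to_fill(band_bps, pit):
    """Longest Interest lifetime the PIT absorbs at this unanswered load."""
    return PIT_CAPACITY_BYTES / (band_bps / 8 * efficiency(NAME_BYTES[pit]))

def ram_table():
    """(SimplePIT, HashedPIT) RAM usage for each scenario, in table order."""
    return [(ram_usage(b, t, "SimplePIT"), ram_usage(b, t, "HashedPIT"))
            for b, t in SCENARIOS]

if __name__ == "__main__":
    for (band, life), row in zip(SCENARIOS, ram_table()):
        print(f"{band / 1e6:>6.0f} Mbps {life:>4} s  {row[0]:>7}  {row[1]:>7}")
    print(f"100 Mbps fills SimplePIT at {seconds_to_fill(100e6, 'SimplePIT'):.1f} s")
```

`seconds_to_fill` gives an operator the lifetime ceiling a given PIT size tolerates at a given unanswered-Interest rate, which is the quantity to compare against any maximum-lifetime policy.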

SLIDE 13

Simulation Results (2)

  • Settings: Band = 100 Mbps, LifeTime = 180 sec
  • Settings: Band = 4 Gbps, LifeTime = 4 sec

SLIDE 14

Conclusion

  • All the architectures work properly in normal network conditions and also in presence of low intensity attack
  • HashedPIT is the most affected PIT in our context
  • Other scenarios could be designed to worsen SimplePIT too
    – Distribute more zombies around the network;
    – Combine both high bandwidth and high lifetime to maximize the attack effectiveness;
    – …
  • Scalable and robust solutions are needed to ensure an adequate level of confidence to the CCN paradigm.

SLIDE 15

Future contribution

  • Very recent solutions have been proposed to mitigate the impact of Interest Flooding Attacks
  • Our plan for the future is to evaluate them in our scenarios in terms of:
    – Resilience
    – CPU usage
    – Memory usage

SLIDE 16

Thank you for the attention!