乐胖代购免代理版

{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,12,5]],"date-time":"2024-12-05T05:15:13Z","timestamp":1733375713770,"version":"3.30.1"},"reference-count":57,"publisher":"SAGE Publications","issue":"1","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["KES"],"published-print":{"date-parts":[[2021,4,9]]},"abstract":"Named Data networking is an instance of information centric networking, aims to improve the performance of the Internet by using in-network caching at storage-enabled routers and provide name based content access. However, name based content access and in-network caching make Name Data network vulnerable to new security attacks like cache pollutions, cache poisoning, false locality, cache snooping and interest flooding, etc. In this paper, we have evaluated NDN security principles, the impact of threats, ratified various security enablers, and built-in mitigation actions to combat security attacks. We have systematically applied SecRam in NDN for statistical security risk assessment, identification of run time threats, and assessment of available methods to mitigate these threats, as SecRam considers operational focus areas and proved useful for identification and severity assessment of run time threats. We have modified SecRam and used it in an entirely different domain, i.e., to a computer network, as SESAR proposed SecRam specifically for ATM systems that cannot be directly applied to another context. According to the best of our knowledge, it is the first attempt for a complete risk assessment of NDN. We have concluded this paper by defining a set of open security challenges that should be considered by future researchers.<\/jats:p>","DOI":"10.3233\/kes-210051","type":"journal-article","created":{"date-parts":[[2021,4,9]],"date-time":"2021-04-09T16:17:49Z","timestamp":1617985069000},"page":"33-47","source":"Crossref","is-referenced-by-count":1,"title":["Threat identification and risk assessments for named data networking architecture using SecRam"],"prefix":"10.1177","volume":"25","author":[{"given":"Vishwa Pratap","family":"Singh","sequence":"first","affiliation":[]},{"given":"R.L.","family":"Ujjwal","sequence":"additional","affiliation":[]}],"member":"179","reference":[{"key":"10.3233\/KES-210051_ref1","first-page":"158","article-title":"Named data networking (ndn) project","volume":"157","author":"Zhang","year":"2010","journal-title":"Relat\u00f3rio T\u00e9cnico NDN-0001, Xerox Palo Alto Research Center-PARC"},{"key":"10.3233\/KES-210051_ref2","first-page":"03","article-title":"SecRAM implementation guidance material","volume":"16","author":"SESAR","journal-title":"Project Deliverable"},{"key":"10.3233\/KES-210051_ref3","unstructured":"Y. Liu, Z. Wang and N. Liu, A case study of detecting and characterizing large-scale prefix hijackings in the internet, in: Proceedings of the 2017 VI International Conference on Network, Communication and Computing, (2017)."},{"key":"10.3233\/KES-210051_ref4","first-page":"109","article-title":"Privacy attack modeling and risk assessment method for name data networking","author":"Singh","year":"2019","journal-title":"Springer"},{"key":"10.3233\/KES-210051_ref5","first-page":"27","article-title":"Introduction to multiple attribute decision-making (MADM) methods","author":"Rao","year":"2007","journal-title":"Decision Making in the Manufacturing Environment: Using Graph Theory and Fuzzy Multiple Attribute Decision Making Methods"},{"key":"10.3233\/KES-210051_ref6","doi-asserted-by":"crossref","unstructured":"H. Salah and T. Strufe, Evaluating and mitigating a collusive version of the interest flooding attack in ndn, (2016).","DOI":"10.1109\/ISCC.2016.7543857"},{"key":"10.3233\/KES-210051_ref7","unstructured":"M. Xie, I. Widjaja and H. Wang, Enhancing cache robustness for content-centric networking, (2012)."},{"key":"10.3233\/KES-210051_ref8","doi-asserted-by":"crossref","unstructured":"C. Ghali, G. Tsudik and E. Uzun, Needle in a haystack: Mitigating content poisoning in named-data networking, (2014).","DOI":"10.14722\/sent.2014.23014"},{"issue":"1","key":"10.3233\/KES-210051_ref9","doi-asserted-by":"crossref","first-page":"66","DOI":"10.1109\/MC.2018.1151010","article-title":"Security issues in named data networks","volume":"51","author":"Chatterjee","year":"2018","journal-title":"Computer"},{"key":"10.3233\/KES-210051_ref10","doi-asserted-by":"crossref","unstructured":"E. Dogruluk, A. Costa and J. Macedo, Evaluating privacy attacks in named data network, (2016).","DOI":"10.1109\/ISCC.2016.7543908"},{"key":"10.3233\/KES-210051_ref11","unstructured":"M. Djapi\u0107 and L. Luki\u0107, ISO\/IEC 27000 series standards the best business practice for information security, (2000)."},{"key":"10.3233\/KES-210051_ref12","first-page":"450","article-title":"Making sense of information systems security standards","author":"Tejay","year":"2005","journal-title":"AMCIS 2005 Proceedings"},{"key":"10.3233\/KES-210051_ref13","unstructured":"S. Sarma, Cyber security mechanism in European Union, (2016)."},{"key":"10.3233\/KES-210051_ref14","first-page":"12","article-title":"A qualitative risk analysis and management tool-CRAMM","volume":"11","author":"Yazar","year":"2002","journal-title":"SANS Info Sec Reading Room White Paper"},{"key":"10.3233\/KES-210051_ref15","unstructured":"C.J. Alberts and A. Dorofee, Managing information security risks: The OCTAVE approach, Addison-Wesley Longman Publishing Co, Inc, (2002)."},{"key":"10.3233\/KES-210051_ref16","unstructured":"A. Ekelhart, S. Fenz and T. Neubauer, Aurum: A framework for information security risk management, (2009)."},{"key":"10.3233\/KES-210051_ref17","doi-asserted-by":"crossref","unstructured":"P. Saripalli and B. Walters, Quirc: A quantitative impact and risk assessment framework for cloud security, (2010).","DOI":"10.1109\/CLOUD.2010.22"},{"key":"10.3233\/KES-210051_ref18","unstructured":"A. Syalim, Y. Hori and K. Sakurai, Comparison of risk analysis methods: Mehari, magerit, NIST800-30 and microsoft\u2019s security management guide, (2009)."},{"key":"10.3233\/KES-210051_ref19","unstructured":"M.S. Lund, B. Solhaug and K. St\u00f8len, Model-driven risk analysis: The CORAS approach, Springer Science & Business Media, (2010)."},{"key":"10.3233\/KES-210051_ref20","doi-asserted-by":"crossref","unstructured":"T. Shawly, J. Liu, N. Burow, S. Bagchi, R. Berthier and R.B. Bobba, A risk assessment tool for advanced metering infrastructures, (2014).","DOI":"10.1109\/SmartGridComm.2014.7007777"},{"key":"10.3233\/KES-210051_ref21","doi-asserted-by":"crossref","first-page":"15","DOI":"10.1016\/j.cosrev.2016.01.001","article-title":"Named data networking: A survey","volume":"19","author":"Saxena","year":"2016","journal-title":"Computer Science Review"},{"key":"10.3233\/KES-210051_ref22","doi-asserted-by":"crossref","first-page":"62","DOI":"10.1109\/MCOM.2018.1701147","article-title":"An overview of security support in named data networking","volume":"56","author":"Zhang","year":"2018","journal-title":"IEEE Communications Magazine"},{"key":"10.3233\/KES-210051_ref23","first-page":"29","article-title":"ATSRA: An accelerated transmission strategy based on request aggregation in NDN","author":"Shi","journal-title":"IEEE INFOCOM 2019\u00a0\u2013 IEEE Conference on Computer Communications Workshops (Infocom Wkshps)"},{"key":"10.3233\/KES-210051_ref24","first-page":"5","article-title":"Data aggregation in named data networking","author":"Harada","journal-title":"Tencon 2017 \u2013 2017 IEEE Region 10 Conference"},{"key":"10.3233\/KES-210051_ref25","unstructured":"S. Shannigrahi, C. Fan and C. Papadopoulos, Request aggregation, caching, and forwarding strategies for improving large climate data distribution with NDN: A case study, in: (Proceedings) of the 4th ACM Conference on Information-Centric Networking, (2017)."},{"key":"10.3233\/KES-210051_ref26","unstructured":"G. Panwar, R. Tourani, S. Misra and A. Mtibaa, Request aggregation: The good, the bad, and the ugly, in: Proceedings of the 4th ACM Conference on Information-Centric Networking, (2017)."},{"key":"10.3233\/KES-210051_ref27","unstructured":"L. Wang, A.K.M.M. Hoque, C. Yi, A. Alyyan and B. Zhang, OSPFN: An OSPF based routing protocol for named data networking, Technical Report NDN-0003, (2012)."},{"key":"10.3233\/KES-210051_ref28","doi-asserted-by":"crossref","unstructured":"A.K.M. Hoque, S.O. Amin, A. Alyyan, B. Zhang, L. Zhang and L. Wang, NLSR: Named-data link state routing protocol, (2013).","DOI":"10.1145\/2491224.2491231"},{"key":"10.3233\/KES-210051_ref29","unstructured":"H. Dai, J. Lu, Y. Wang and B. Liu, A two-layer intra-domain routing scheme for named data networking, (2012)."},{"key":"10.3233\/KES-210051_ref30","doi-asserted-by":"crossref","unstructured":"Y. Liu and H. Wadekar, SDAR: Software defined intra-domain routing in named data networks, (2016).","DOI":"10.1109\/NCA.2016.7778611"},{"key":"10.3233\/KES-210051_ref31","doi-asserted-by":"crossref","unstructured":"V. Lehman, A. Gawande, B. Zhang, L. Zhang, R. Aldecoa, D. Krioukov and L. Wang, An experimental investigation of hyperbolic routing with a smart forwarding plane in NDN, (2016).","DOI":"10.1109\/IWQoS.2016.7590394"},{"key":"10.3233\/KES-210051_ref32","unstructured":"A. Afanasyev, J. Shi, B. Zhang, L. Zhang, I. Moiseenko, Y. Yu, W. Shang, Y. Huang, J.P. Abraham and S. DiBenedetto, NFD developer\u2019s guide, Dept Comput Sci, Univ California, Los Angeles, Los Angeles, CA, USA, Tech Rep NDN-0021, (2014)."},{"key":"10.3233\/KES-210051_ref33","doi-asserted-by":"crossref","unstructured":"M. Tortelli, L.A. Grieco, G. Boggia and K. Pentikousisy, Cobra: Lean intra-domain routing in ndn, (2014).","DOI":"10.1109\/CCNC.2014.6994403"},{"key":"10.3233\/KES-210051_ref34","unstructured":"D.P.D.R.G.R. Raffaele Chiocchetti, INFORM: A dynamic interest forwarding mechanism for information centric networking, in: ACM, Hongkong, (2013)."},{"key":"10.3233\/KES-210051_ref35","doi-asserted-by":"crossref","unstructured":"K. Lei, J. Wang and J. Yuan, An entropy-based probabilistic forwarding strategy in named data networking, (2015).","DOI":"10.1109\/ICC.2015.7249225"},{"key":"10.3233\/KES-210051_ref36","doi-asserted-by":"crossref","unstructured":"Y. XU, A dominating-set-based collaborative caching with request routing in content centric networking, in: ICC, (2013).","DOI":"10.1109\/ICC.2013.6655115"},{"key":"10.3233\/KES-210051_ref37","doi-asserted-by":"crossref","unstructured":"W. Wong, L. Wang and J. Kangasharju, Neighborhood search and admission control in cooperative caching networks, (2012).","DOI":"10.1109\/GLOCOM.2012.6503549"},{"key":"10.3233\/KES-210051_ref38","doi-asserted-by":"crossref","first-page":"27","DOI":"10.1016\/j.jisa.2016.02.001","article-title":"A taxonomy for attack graph generation and usage in network security","volume":"29","author":"Kaynar","year":"2016","journal-title":"Journal of Information Security and Applications"},{"key":"10.3233\/KES-210051_ref39","unstructured":"R. Ravindran, G. Wang and K. Nichols, Method and apparatus for content identifier based radius constrained cache flooding to enable efficient content routing, Google Patents, (2014)."},{"key":"10.3233\/KES-210051_ref40","doi-asserted-by":"crossref","first-page":"675","DOI":"10.1109\/TDSC.2014.2382592","article-title":"Timing attacks on access privacy in information centric networks and countermeasures","volume":"12","author":"Mohaisen","year":"2014","journal-title":"IEEE Transactions on Dependable and Secure Computing"},{"key":"10.3233\/KES-210051_ref41","unstructured":"N. Rathi, S. Ghosh, A. Iyengar and H. Naeimi, Data privacy in non-volatile cache: Challenges, attack models and solutions, (2016)."},{"key":"10.3233\/KES-210051_ref42","doi-asserted-by":"crossref","first-page":"3192","DOI":"10.1016\/j.comnet.2013.07.009","article-title":"Backscatter from the data plane-threats to stability and security in information-centric network infrastructure","volume":"57","author":"W\u00e4hlisch","year":"2013","journal-title":"Computer Networks"},{"key":"10.3233\/KES-210051_ref43","doi-asserted-by":"crossref","first-page":"221","DOI":"10.1108\/EUM0000000004542","article-title":"Information security management (2): Guidelines to the management of information technology security (GMITS)","volume":"6","author":"Von Solms","year":"1998","journal-title":"Information Management & Computer Security"},{"key":"10.3233\/KES-210051_ref44","unstructured":"G. Suarez, Challenges affecting a defense-in-depth security architected network by allowing operations of wireless access points (WAPs), (2003)."},{"key":"10.3233\/KES-210051_ref45","doi-asserted-by":"crossref","unstructured":"T. Song, H. Yuan, P. Crowley and B. Zhang, Scalable name-based packet forwarding: From millions to billions, (2015).","DOI":"10.1145\/2810156.2810166"},{"key":"10.3233\/KES-210051_ref46","unstructured":"C.T. Silungwe, D. Chiponde and L.M.N. Michello, Risk reduction on infrastructure projects in the Zambian construction industry through integrated risk management (IRM) approach."},{"key":"10.3233\/KES-210051_ref47","first-page":"5","article-title":"Scalable aggregation-based packet forwarding in content centric networking","author":"Ndikumana","journal-title":"2016 18th Asia-Pacific Network Operations and Management Symposium (APNOMS)"},{"key":"10.3233\/KES-210051_ref48","unstructured":"R. Mousa and Z. Zhao, Application aware digital objects access and distribution using Named Data Networking (NDN)."},{"key":"10.3233\/KES-210051_ref49","unstructured":"S. Misra, R. Tourani and N.E. Majd, Secure content delivery in information-centric networks: Design, implementation, and analyses, (2013)."},{"key":"10.3233\/KES-210051_ref50","unstructured":"T. Lauinger, N. Laoutaris, P. Rodriguez, T. Strufe, E. Biersack and E. Kirda, Privacy implications of ubiquitous caching in named data networking architectures, Technical Report TR-iSecLab-0812-001, ISecLab, Tech Rep, 2012."},{"key":"10.3233\/KES-210051_ref51","doi-asserted-by":"crossref","first-page":"155","DOI":"10.1016\/j.jnca.2019.07.004","article-title":"NBP: Namespace-based privacy to counter timing-based attack in named data networking","volume":"144","author":"Kumar","year":"2019","journal-title":"Journal of Network and Computer Applications"},{"key":"10.3233\/KES-210051_ref52","first-page":"10","article-title":"INADS: In-network aggregation and distribution of IoT data subscription in ICN","author":"Dong","journal-title":"2017 IEEE International Conference on Multimedia & Expo Workshops (ICMEW)"},{"key":"10.3233\/KES-210051_ref53","doi-asserted-by":"crossref","unstructured":"H. Dai, Y. Wang, J. Fan and B. Liu, Mitigate ddos attacks in ndn by interest traceback, (2013).","DOI":"10.1109\/INFCOMW.2013.6970722"},{"key":"10.3233\/KES-210051_ref54","unstructured":"S. Banerjee, Detection\/removal of cooperative black and gray hole attack in mobile ad-hoc networks, (2008)."},{"key":"10.3233\/KES-210051_ref55","doi-asserted-by":"crossref","unstructured":"M. Amadeo, C. Campolo, A. Iera and A. Molinaro, Named data networking for IoT: An architectural perspective, (2014).","DOI":"10.1109\/EuCNC.2014.6882665"},{"key":"10.3233\/KES-210051_ref56","doi-asserted-by":"crossref","first-page":"26","DOI":"10.1109\/MCOM.2012.6231276","article-title":"A survey of information-centric networking","volume":"50","author":"Ahlgren","year":"2012","journal-title":"IEEE Communications Magazine"},{"key":"10.3233\/KES-210051_ref57","first-page":"14","article-title":"Globally accessible names in named data networking","author":"Adrichem","journal-title":"2013 IEEE Conference on Computer Communications Workshops (Infocom Wkshps)"}],"container-title":["International Journal of Knowledge-based and Intelligent Engineering Systems"],"original-title":[],"link":[{"URL":"https:\/\/content.iospress.com\/download?id=10.3233\/KES-210051","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,12,4]],"date-time":"2024-12-04T07:04:49Z","timestamp":1733295889000},"score":1,"resource":{"primary":{"URL":"https:\/\/journals.sagepub.com\/doi\/full\/10.3233\/KES-210051"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,4,9]]},"references-count":57,"journal-issue":{"issue":"1"},"URL":"https:\/\/doi.org\/10.3233\/kes-210051","relation":{},"ISSN":["1327-2314","1875-8827"],"issn-type":[{"type":"print","value":"1327-2314"},{"type":"electronic","value":"1875-8827"}],"subject":[],"published":{"date-parts":[[2021,4,9]]}}}