1 of 42

The Future of the Internet: Security and Privacy of Current and Future Networking Paradigms

Department of Computer Control and Management Engineering

Enkeleda Bardhi

31 January 2023

bardhi@diag.uniroma1.it

Overview

  • Motivation
  • Research Interests and SOTA
  • Research Progress
  • Final remarks

31/01/23

Research Activities

Page 2

Motivation (1/3)

  • Today’s usage model of the Internet: more users, data, sensors, applications and connections everywhere and at every time
  • The current Internet must cope with:
    • Large volumes of traffic patterns
    • Extremely complex network infrastructures (heterogeneous devices and protocols) -> demanding in terms of security and QoS
  • Solutions:
    • Reassessment of current networking
    • Evolutionary substitution: design completely new paradigms

Motivation (2/3)

Reassessment of current infrastructure: flexibility in configuring and managing the networks

  • Decoupling control plane from data plane – Software-Defined Networking [1]
    • Data plane programmed by the controller through programming interfaces
    • Issues: single point of failure, controller overload, extra latency
  • Programmable switches based on the Protocol Independent Switch Architecture (PISA) [2, 3]
    • Paved the way to in-network computing: data caching, ML, security solutions

[1] Kim, Hyojoon, and Nick Feamster. "Improving network management with software defined networking." IEEE Communications Magazine 51.2 (2013): 114-119.

[2] Barefoot. Tofino. https://www.barefootnetworks.com/products/brief-tofino-2/

[3] P. Bosshart et al. 2013. Forwarding Metamorphosis: Fast Programmable Match-Action Processing in Hardware for SDN. SIGCOMM Comput. Commun. Rev. 43, 4 (Aug. 2013), 99–110.

Motivation (3/3)

Evolutionary substitution: Information-Centric Networking (ICN) [4]

  • Naming hosts in TCP/IP -> Naming data in ICN
  • Name-based routing and forwarding
  • Security by design
  • In-network caching

[4] Ahlgren, Bengt, et al. "A survey of information-centric networking." IEEE Communications Magazine 50.7 (2012): 26-36.

Research Interests

  1. In-network security mechanisms
  2. Researching already-known and new security and privacy issues of ICN
  3. Researching the security and privacy issues in the IP-ICN coexistence

Research Interests: SOTA Mirroring

In-network security mechanisms on P4 (Barefoot Tofino) switches:

    • Spoofing attack detection [5], heavy hitter detection [6]
    • ML assisted solutions: intrusion detection [7, 8, 9]

[5] G. Simsek, H. Bostan, A.K. Sarica, E. Sarikaya, A. Keles, P. Angin, H. Alemdar, E. Onur, DroPPPP: A P4 approach to mitigating DoS attacks in SDN, in: International Workshop on Information Security Applications, Springer, 2019

[6] D. Ding, M. Savi, G. Antichi, D. Siracusa, An incrementally-deployable P4-enabled architecture for network-wide heavy-hitter detection, IEEE Trans. Netw. Serv. Manag. 17 (1) (2020) 75–88.

[7] D. Barradas, N. Santos, L. Rodrigues et al., "FlowLens: enabling efficient flow classification for ML-based network security applications," in Proceedings of the Network and Distributed Systems Security (NDSS) Symposium, San Diego, CA, USA, August 2021

[8] Zhou, Guangmeng, et al. "An Efficient Design of Intelligent Network Data Plane." 32nd USENIX Security Symposium (USENIX Security 23). Anaheim, CA: USENIX Association. 2023.

[9] Qin, Qiaofeng, et al. "Line-speed and scalable intrusion detection at the network edge via federated learning." 2020 IFIP Networking Conference (Networking). IEEE, 2020.

In-Network Anomaly Detection*

  • Common denominator of SOTA – locality issues and controller-based (centralized)
  • P4 switches: line-rate reaction (in ns) to network conditions, constrained programming model (flow tables)

Aims:

  • Run ML models on the data plane without relying on the controller [10]
  • Distributed per-packet decision

* Working with Fernando Kuipers (TU Delft) and Muhammad Shahbaz (Purdue University)

[10] Swamy, Tushar, et al. "Taurus: a data plane architecture for per-packet ML." Proceedings of the 27th ACM International Conference on Architectural Support for Programming Languages and Operating Systems. 2022.

In-Network Anomaly Detection

  • Distributed detection:
    • Train a NN for each switch using a batch of data
    • Each switch makes a per-packet decision; after N hops (switches), the last hop (switch) takes a simple majority vote
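As an added illustration of the distributed decision above (not code from the page's work), a Go simulation of a 3-hop path: each switch scores the packet with its own model, adds its vote to state the packet carries in-band, and the last hop takes the majority, so one switch's false positive is outvoted. The linear per-switch models, the feature set and the sample packets are constructed assumptions standing in for the trained NNs.

```go
package main

import "fmt"

// Features a switch's P4 parser could extract per packet (constructed, not the page's feature set).
type Features struct {
	Len     float64 // frame length in bytes
	IATms   float64 // inter-arrival time within the flow, in ms
	SynOnly float64 // 1 if TCP SYN without ACK, else 0
}

// Switch carries the model trained on that switch's own batch of data. A linear model
// stands in for the page's per-switch NN (assumption); the vote is sign(w.x + b).
type Switch struct {
	Name string
	W    [3]float64
	Bias float64
}

// Vote scales the features to [0,1] and returns 1 if this switch deems the packet anomalous.
func (s Switch) Vote(f Features) uint8 {
	x := [3]float64{f.Len / 1500, 1 / (1 + f.IATms), f.SynOnly}
	z := s.Bias
	for i := range x {
		z += s.W[i] * x[i]
	}
	if z > 0 {
		return 1
	}
	return 0
}

// Forward pushes one packet along its path: every switch adds its vote to in-band state the
// packet carries (like a custom P4 header) and the last hop decides by simple majority
// (ties count as normal). It returns the decision and the number of anomaly votes.
func Forward(path []Switch, f Features) (anomalous bool, votes int) {
	var hdrVotes, hdrHops uint8
	for _, sw := range path {
		hdrVotes += sw.Vote(f)
		hdrHops++
	}
	return int(hdrVotes)*2 > int(hdrHops), int(hdrVotes)
}

// Constructed 3-hop path; switch C is deliberately trigger-happy on small frames so that
// its lone false positive is outvoted by the other two hops.
var Path = []Switch{
	{"A", [3]float64{-0.5, 1.0, 1.5}, -1.2},
	{"B", [3]float64{-0.2, 2.0, 0.5}, -1.0},
	{"C", [3]float64{-2.0, 0.5, 1.0}, 0.3},
}

// Constructed sample packets.
var (
	BulkData = Features{Len: 1200, IATms: 20, SynOnly: 0}  // normal download traffic
	PureAck  = Features{Len: 64, IATms: 30, SynOnly: 0}    // small but benign
	SynFlood = Features{Len: 60, IATms: 0.05, SynOnly: 1} // back-to-back SYNs
)

func main() {
	for name, p := range map[string]Features{"bulk data": BulkData, "pure ACK": PureAck, "SYN flood": SynFlood} {
		a, v := Forward(Path, p)
		fmt.Printf("%-10s votes=%d/%d anomalous=%v\n", name, v, len(Path), a)
	}
}
```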

  • In the future:
    • Design a P4 packet parser that can be integrated with any ML-based anomaly detector [11]
    • Design a reputation/trust-based distributed detection

[11] Gray, Nicholas, et al. "High performance network metadata extraction using P4 for ML-based intrusion detection systems." 2021 IEEE 22nd International Conference on High Performance Switching and Routing (HPSR). IEEE, 2021.

In-Network Anomaly Detection

  • In the future:
    • Security of programmable data planes [12]
      • Unbounded flow-state memory allocation -> DoS attack on the switch to saturate its memory
      • Triggering CPU-intensive operations -> a malicious controller requests updates from the switch
      • Switching from centralized (controller-based) to stateful data planes -> an attacker can impersonate a switch and inject fake packets into the network
      • Lack of centralized management -> state inconsistency due to lack of synchronization between switches

[12] T. Dargahi, A. Caponi, M. Ambrosin, G. Bianchi and M. Conti, "A Survey on the Security of Stateful SDN Data Planes," in IEEE Communications Surveys & Tutorials, vol. 19, no. 3, pp. 1701-1725, thirdquarter 2017, doi: 10.1109/COMST.2017.2689819.

Research Interests: SOTA Mirroring

Security and Privacy of ICN [13]

    • Attacking ICN features – naming [14], caching [16], routing [15]
    • Defending from vulnerabilities [17, 18]

Naming -> Human readable content names [19]

  • Correlate content names to their category
    • Violate user’s privacy

[13] Hurali, Lalitha Chinmayee M., and Annapurna P. Patil. "Application Areas of Information-Centric Networking: State-of-the-Art and Challenges." IEEE Access 10 (2022): 122431-122446.

[14] S. Arianfar, T. Koponen, B. Raghavan, and S. Shenker, “On preserving privacy in content-oriented networks,” in Proc. ACM SIGCOMM Workshop ICN, Aug. 2011, pp. 19–24

[15] A. Compagno, M. Conti, P. Gasti, and G. Tsudik, “Poseidon: Mitigating interest flooding DDoS attacks in named data networking,” in Proc. IEEE 38th Conf. Local Comput. Netw., Oct. 2013, pp. 630–638

[16] C. Ghali, G. Tsudik, and E. Uzun, “Needle in a haystack: Mitigating content poisoning in named-data networking,” in Proc. SENT, San Diego, CA, USA, 2014, pp. 1–10

[17] Zhi, Ting, Ying Liu, and Zhiwei Yan. "An entropy-SVM based interest flooding attack detection method in ICN." 2018 IEEE 88th Vehicular Technology Conference (VTC-Fall). IEEE, 2018.

[18] Salah, Hani, Julian Wulfheide, and Thorsten Strufe. "Coordination supports security: A new defence mechanism against interest flooding in NDN." 2015 IEEE 40th conference on local computer networks (LCN).

[19] Bardhi, Enkeleda, et al. "ICN PATTA: ICN Privacy Attack Through Traffic Analysis." 2021 IEEE 46th Conference on Local Computer Networks (LCN). IEEE, 2021.

ICN PATTA Overview

  • The attacker intercepts the victim’s outgoing traffic
  • The attacker extracts the content names from Interest packets
  • Attacker uses ML classifiers to identify content’s category

Classifier's Setup: Classification results (testing set)

Classifier | 1-grams, 893 feat. | 1-grams, 1785 feat. | 2-grams, 460 feat. | 2-grams, 917 feat. | (1,2)-grams, 1350 feat. | (1,2)-grams, 2700 feat.
---------- | ------------------ | ------------------- | ------------------ | ------------------ | ----------------------- | -----------------------
L-SVM      | 91,92%             | 93,34%              | 60,75%             | 66,20%             | 92,30%                  | 93,43%
MNB        | 88,76%             | 90,10%              | 56,82%             | 63,05%             | 89,05%                  | 90,16%
SVM        | 91,84%             | 93,20%              | 60,64%             | 66,07%             | 91,89%                  | 93,09%

L-SVM is the best classifier in all the configurations when tested on the testing set

Real Time Classification: Results

Classifier  | 1-grams, 1785 feat. | (1,2)-grams, 2700 feat.
----------- | ------------------- | -----------------------
L-SVM (V1)  | 87,34%              | 91,74%
L-SVM (V5)  | 84,53%              | 88,00%
MNB (V1)    | 92,16%              | 92,65%
MNB (V5)    | 89,01%              | 88,81%
SVM (V1)    | 89,33%              | 96,19%
SVM (V5)    | 80,99%              | 91,14%

Research Interests: SOTA Mirroring

Security and Privacy of ICN [13]

Routing (DDoS) -> Interest Flooding Attacks (IFA) exploit the router’s PIT [20]

  • IFA's aim: PIT saturation through the rapid generation of requests
  • All SOTA IFA detection approaches are local
  • GNNs fit graph-structured data well, e.g., social recommendations [21], computational chemistry [22]

[20] Bardhi, E., Agiollo, A., Conti, M., Lazzeretti, R., Losiouk, E., & Omicini, A. (2022). Interest Flooding Attack Detection With Graph Neural Networks. Under submission.

[21] Fan, W., Ma, Y., Li, Q., He, Y., Zhao, E., Tang, J., & Yin, D. (2019, May). Graph neural networks for social recommendation. In The world wide web conference (pp. 417-426).

[22] Fung, Victor, et al. "Benchmarking graph neural networks for materials chemistry." npj Computational Materials 7.1 (2021): 1-8.

GNN4IFA Design

Map the NDN network to a graph: G(t) = {X(t), A(t)}

  • Supervised Attack Detection (SAD)
    • Given G(t), output whether the network is under attack (1) or not (0)
    • The SAD GNN is trained on SPOTIFAI normal and attack samples
  • Unsupervised Attack Detection (UAD)
    • Reconstruct a masked node of a given input graph
    • The UAD GNN is trained on SPOTIFAI normal samples
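The UAD branch as an added Go example (not the project's GNN4IFA code): each snapshot G(t) = {X(t), A(t)} is scored by how well a decoder fitted on normal samples alone reconstructs every masked node from its neighbours, and a snapshot whose error exceeds the threshold learned on normal data is flagged. The neighbour-mean aggregation, the linear decoder, the line topology and the PIT values are constructed assumptions standing in for the trained GNN and the SPOTIFAI data.

```go
package main

import (
	"fmt"
	"math"
)

// Snapshot is G(t) = {X(t), A(t)}: X holds one feature per router (PIT occupancy,
// the quantity an IFA inflates) and A is the adjacency matrix.
type Snapshot struct {
	X []float64
	A [][]bool
}
// neighborMean is the message-passing step: the mean feature of v's neighbours
// (every router in the constructed topology has at least one neighbour).
func neighborMean(g Snapshot, v int) (sum float64) {
	n := 0.0
	for u, adj := range g.A[v] {
		if adj && u != v {
			sum, n = sum+g.X[u], n+1
		}
	}
	return sum / n
}

// Decoder reconstructs a masked node from its neighbour aggregate as x ~= a*m + b,
// a least-squares stand-in for the trained GNN decoder (assumption, not the page's model).
type Decoder struct{ A, B, Threshold float64 }
// Error masks every node in turn, reconstructs it and returns the mean squared error.
func (d Decoder) Error(g Snapshot) (se float64) {
	for v, x := range g.X {
		r := d.A*neighborMean(g, v) + d.B - x
		se += r * r
	}
	return se / float64(len(g.X))
}

// UnderAttack is the UAD decision: a snapshot the decoder cannot reconstruct is flagged.
func (d Decoder) UnderAttack(g Snapshot) bool { return d.Error(g) > d.Threshold }
// Fit trains on normal samples only (the UAD training set) and sets the alarm threshold
// to the largest reconstruction error seen on normal data times a safety margin.
func Fit(normal []Snapshot, margin float64) (d Decoder) {
	var sm, sx, smm, smx, n float64
	for _, g := range normal {
		for v, x := range g.X {
			m := neighborMean(g, v)
			sm, sx, smm, smx, n = sm+m, sx+x, smm+m*m, smx+m*x, n+1
		}
	}
	d.A = (n*smx - sm*sx) / (n*smm - sm*sm) // least-squares slope (normal data must vary)
	d.B = (sx - d.A*sm) / n
	for _, g := range normal {
		d.Threshold = math.Max(d.Threshold, d.Error(g))
	}
	d.Threshold *= margin
	return d
}

// Constructed 4-router line topology R0-R1-R2-R3 and PIT snapshots (not SPOTIFAI data).
var line = [][]bool{{false, true, false, false}, {true, false, true, false}, {false, true, false, true}, {false, false, true, false}}
var Normal = []Snapshot{{X: []float64{50, 55, 52, 48}, A: line}, {X: []float64{48, 50, 54, 51}, A: line}, {X: []float64{53, 49, 50, 52}, A: line}}
var HeldOut = Snapshot{X: []float64{51, 52, 50, 53}, A: line}
var Attack = Snapshot{X: []float64{120, 850, 900, 300}, A: line} // PITs along the attack path saturate

func main() {
	d := Fit(Normal, 2.0)
	fmt.Printf("threshold %.2f | held-out: err %.2f flagged=%v | attack: err %.0f flagged=%v\n",
		d.Threshold, d.Error(HeldOut), d.UnderAttack(HeldOut), d.Error(Attack), d.UnderAttack(Attack))
}
```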

SPOTIFAI: SPOTting IFA Intruders

  • We simulate various IFA scenarios using ndnSIM [23]
  • We consider two configurations:
    • Normal, i.e., no compromised nodes in the network
    • Attack, i.e., compromised nodes in the network, considering three topologies

[23] Mastorakis, S., Afanasyev, A., Zhang, L.: On the Evolution of ndnSIM: An Open-Source Simulator for NDN Experimentation. ACM SIGCOMM Computer Communication Review 47(3), 19–33 (2017)

SAD Results

UAD Results

Research Interests: SOTA Mirroring

Security and Privacy of ICN [13]

  • NDN solutions are mainly tested in synthetic environments
    • Although valid, a synthetic environment might lead to performance discrepancies [25]
    • NDN network simulators: ndnSIM [23], miniNDN [26], ccnSIM, Icarus, OMNeT++, OICNSIM, ICN20
  • What about physical testbeds? [24]
    • Setting up testbeds is a time-consuming and highly expensive process
    • NDN testbeds [27], [28], [29] are mainly built as an overlay on the current IP infrastructure

[24] Bardhi, Enkeleda, et al. "Sim2Testbed Transfer: NDN Performance Evaluation." Proceedings of the 17th International Conference on Availability, Reliability and Security. 2022.

[25] Benjamin Rainer, Daniel Posch, Andreas Leibetseder, Sebastian Theuermann, and Hermann Hellwagner. 2016. A low-cost NDN testbed on banana pi routers. IEEE Communications Magazine 54, 9 (2016), 105–111.

[26] NDN Community. 2022. miniNDN. https://minindn.memphis.edu

[27] NDN Community. 2022. NDN testbed. https://named-data.net/ndn-testbed/

[28] Alexander Ni and Huhnkuk Lim. 2015. A named data networking testbed with global NDN connection. The Journal of Korean Institute of Communications and Information Sciences 40, 12 (2015), 2419–2426.

[29] Huhnkuk Lim, Alexander Ni, Dabin Kim, Young-Bae Ko, Susmit Shannigrahi, and Christos Papadopoulos. 2018. NDN construction for big science: Lessons learned from establishing a testbed.

Testbed Setup

  • 7 nodes – 5 Raspberry Pi 400 and 2 Ubuntu 20.04 LTS machines
  • NDN protocol stack over Ethernet
  • Mesh configuration for routers

Performance Evaluation: Two Privacy Attack Transfer

  • ICN PATTA [30] is a traffic-based privacy attack
  • Two phases: classifier's setup and real-time classification
  • Implemented using the miniNDN simulator
  • The second phase of the attack is transferred to our testbed

[30] Enkeleda Bardhi, Mauro Conti, Riccardo Lazzeretti, and Eleonora Losiouk. 2021. ICN PATTA: ICN Privacy Attack Through Traffic Analysis. In 46th IEEE Conference on Local Computer Networks, LCN 2021, Edmonton, AB, Canada, October 4-7, 2021. IEEE, 443–446.

Performance Evaluation: Two Privacy Attack Transfer

  • Consumer D is the victim, and the attacker is located on router A

Testbed results

Simulator results

Performance Evaluation: Two Privacy Attack Transfer

  • Reactive cache privacy attack [31] is a timing-based attack exploiting the CS
  • The attacker probes the cache to check content’s availability
  • Two phases: compute characteristic time (CT) and probe the cache using CT
  • Implemented using the ndnSIM simulator

[31] Naveen Kumar and Shashank Srivastava. 2018. A Triggered Delay-based Approach against Cache Privacy Attack in NDN. In 17th IEEE/ACIS International Conference on Computer and Information Science, ICIS 2018, Singapore, Singapore, June 6-8, 2018. IEEE Computer Society, 22–27.


Performance Evaluation: Two Privacy Attack Transfer

Testbed results

Simulator results

Research Interests: SOTA Mirroring

Security and Privacy of Coexistence between IP and ICN

    • A transition similar to those of other technologies/protocols (e.g., IPv4 to IPv6) is expected
    • SOTA focused more on the performance point of view rather than on a secure transition [32, 33]
    • Big vendors (e.g., Cisco) have already proposed device prototypes [34]
      • Modify the switches and routers to process both ICN and IP traffic

[32] Conti, Mauro, et al. "The road ahead for networking: A survey on icn-ip coexistence solutions." IEEE Communications Surveys & Tutorials 22.3 (2020): 2104-2129.

[33] Nour, Boubakr, et al. "Coexistence of icn and ip networks: An nfv as a service approach." 2019 IEEE Global Communications Conference (GLOBECOM). IEEE, 2019.

[34] Carofiglio, Giovanna, et al. "Enabling icn in the internet protocol: Analysis and evaluation of the hybrid-icn architecture." Proceedings of the 6th ACM Conference on Information-Centric Networking. 2019.

IP-ICN Coexistence in a Nutshell

  • Deployment approaches:
    • Overlay [35, 36]
    • Underlay [37, 38]
    • Hybrid [39]
  • Deployment scenarios ("islands" and "oceans")
  • Security of the combination of heterogeneous architectures?

[35] Samar Shailendra et al. “A novel overlay architecture for information centric networking”. In: 2015 Twenty First National Conference on Communications (NCC). IEEE. 2015, pp. 1–6.

[36] Andrea Detti et al. “CONET: a content centric inter-networking architecture”. In: Proceedings of the ACM SIGCOMM workshop on Information-centric networking. 2011, pp. 50–55.

[37] Dirk Trossen, Arjuna Sathiaseelan, and Joerg Ott. “Towards an information centric network architecture for universal internet access”. In: ACM SIGCOMM Computer Communication Review 46.1 (2016), pp. 44–49.

[38] Greg White and Greg Rutz. “Content delivery with content-centric networking”. In: CableLabs, Strategy & Innovation (2016), pp. 1–26.

[39] Shariq Mansoor and Rahul Patil. System and method for facilitating secure integration and communication of cloud services and enterprise applications. US Patent 8,504,609. 2013.

Security and Privacy of IP-ICN coexistence

  • We analyzed 20 coexistence architectures considering 10 security and privacy (SP) features [40]

[40] Bardhi, Enkeleda, et al. "Security and Privacy of IP-ICN Coexistence: A Comprehensive Survey." arXiv preprint arXiv:2209.02835 (2022). -> Under revision

Final Remarks

  • Working on cutting-edge and evolutionary technologies – challenging
    • No infrastructure, limited research community and venues

  • Dataplane programmability – more to be explored on in-network security mechanisms based on ML
    • Among the hype trends

  • IP-ICN coexistence – complex task
    • Coordination of different protocols, infrastructures and semantics

Thank you for your attention!

31 January 2023

@enkeleda_bardhi (https://twitter.com/enkeleda_bardhi)

@enkeledabardhi (https://www.linkedin.com/in/enkeleda-bardhi-52b96011a/)

bardhi@diag.uniroma1.it

Additional Slides

07 October 2022

ICN PATTA: ICN Privacy Attack Through Traffic Analysis

07 October 2022

ICN PATTA Design

07/10/22

Ph.D. Second Year Report

Page 34

Classifier's Setup: Classification results (testing set)

(1,2)-grams with 2700 features is the best configuration for almost all classifiers

Classifier’s Setup: Classification results (flexibility set)

Classifier | 1-grams, 893 feat. | 1-grams, 1785 feat. | 2-grams, 460 feat. | 2-grams, 917 feat. | (1,2)-grams, 1350 feat. | (1,2)-grams, 2700 feat.
---------- | ------------------ | ------------------- | ------------------ | ------------------ | ----------------------- | -----------------------
L-SVM      | 45,84%             | 52,05%              | 40,27%             | 39,46%             | 49,19%                  | 54,70%
MNB        | 62,04%             | 66,24%              | 39,49%             | 41,71%             | 62,20%                  | 66,74%
SVM        | 49,70%             | 57,76%              | 39,85%             | 39,14%             | 54,54%                  | 61,02%

MNB is the best classifier in almost all the configurations when tested on the flexibility set

(1,2)-grams with 2700 features is the best configuration for all classifiers

Sim2Testbed Transfer: NDN Performance Evaluation

07 October 2022

Performance Evaluation: Data Packet Signing

  • SHA-256, RSA, and ECDSA are used to sign data packets
  • A trade-off between security level and performance should be reached
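An added Go example (not the testbed's code) that makes the trade-off concrete: it signs a constructed Data packet with each of the three schemes and reports SignatureValue size and mean sign/verify latency, and it marks DigestSha256 as integrity-only. The Type codes are the NDN SignatureType values; the packet name, the content and the simplified signed portion (name plus content instead of the TLV encoding) are assumptions.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"time"
)

// Constructed producer keys; GenerateKey only fails on a broken RNG, so the error is dropped.
var rsaKey, _ = rsa.GenerateKey(rand.Reader, 2048)
var ecKey, _ = ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
// Scheme is one of the three schemes compared; Type is the NDN SignatureType code (0 DigestSha256, 1 SignatureSha256WithRsa, 3 SignatureSha256WithEcdsa).
type Scheme struct {
	Name   string
	Type   int
	Sign   func(digest []byte) ([]byte, error)
	Verify func(digest, sig []byte) bool
}
var Schemes = []Scheme{
	// DigestSha256 is integrity only: anyone can recompute it, so it authenticates no producer.
	{"DigestSha256", 0,
		func(d []byte) ([]byte, error) { return d, nil },
		func(d, sig []byte) bool { return bytes.Equal(d, sig) }},
	{"SignatureSha256WithRsa", 1,
		func(d []byte) ([]byte, error) { return rsa.SignPKCS1v15(rand.Reader, rsaKey, crypto.SHA256, d) },
		func(d, sig []byte) bool { return rsa.VerifyPKCS1v15(&rsaKey.PublicKey, crypto.SHA256, d, sig) == nil }},
	{"SignatureSha256WithEcdsa", 3,
		func(d []byte) ([]byte, error) { return ecdsa.SignASN1(rand.Reader, ecKey, d) },
		func(d, sig []byte) bool { return ecdsa.VerifyASN1(&ecKey.PublicKey, d, sig) }},
}

// Digest hashes the signed portion; name+content concatenation stands in for the
// TLV-encoded Name, MetaInfo and Content (constructed simplification, not the wire format).
func Digest(name string, content []byte) []byte {
	d := sha256.Sum256(append([]byte(name), content...))
	return d[:]
}
// Bench signs and verifies n Data packets with one scheme and returns the mean latency of
// each operation plus the SignatureValue length: the three numbers behind the trade-off.
func Bench(s Scheme, n int) (sign, verify time.Duration, sigLen int) {
	d := Digest("/sapienza/diag/video/seg=7", bytes.Repeat([]byte{0xab}, 1024))
	var sig []byte
	start := time.Now()
	for i := 0; i < n; i++ {
		sig, _ = s.Sign(d)
	}
	mid := time.Now()
	for i := 0; i < n; i++ {
		s.Verify(d, sig)
	}
	return mid.Sub(start) / time.Duration(n), time.Since(mid) / time.Duration(n), len(sig)
}

func main() {
	for _, s := range Schemes {
		sg, vf, l := Bench(s, 200)
		fmt.Printf("%-25s type=%d sig=%3dB sign=%v verify=%v\n", s.Name, s.Type, l, sg, vf)
	}
}
```

Absolute timings depend on the machine (the Raspberry Pi 400 routers will be far slower than the Ubuntu hosts), but the ordering and the signature sizes are what the trade-off rests on.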

Performance Evaluation: Two Privacy Attack Transfer

  • Consumer D is the attacker, while routers have a FIFO cache replacement policy
  • The attacker application starts after 10 seconds
  • Consumer D's request frequency is 1 req/s
  • Consumer E's request frequency varies among 100, 200, and 500 req/s
  • One of the producers is considered collusive

[18] Naveen Kumar and Shashank Srivastava. 2018. A Triggered Delay-based Approach against Cache Privacy Attack in NDN. In 17th IEEE/ACIS International Conference on Computer and Information Science, ICIS 2018, Singapore, Singapore, June 6-8, 2018. IEEE Computer Society, 22–27.
