Threat identification and risk assessments for named data networking architecture using SecRam

Abstract

Named Data networking is an instance of information centric networking, aims to improve the performance of the Internet by using in-network caching at storage-enabled routers and provide name based content access. However, name based content access and in-network caching make Name Data network vulnerable to new security attacks like cache pollutions, cache poisoning, false locality, cache snooping and interest flooding, etc. In this paper, we have evaluated NDN security principles, the impact of threats, ratified various security enablers, and built-in mitigation actions to combat security attacks. We have systematically applied SecRam in NDN for statistical security risk assessment, identification of run time threats, and assessment of available methods to mitigate these threats, as SecRam considers operational focus areas and proved useful for identification and severity assessment of run time threats. We have modified SecRam and used it in an entirely different domain, i.e., to a computer network, as SESAR proposed SecRam specifically for ATM systems that cannot be directly applied to another context. According to the best of our knowledge, it is the first attempt for a complete risk assessment of NDN. We have concluded this paper by defining a set of open security challenges that should be considered by future researchers.