Future Internet Architecture Research Articles

A Secure NDN Framework for Internet of Things Enabled Healthcare

Healthcare is a binding domain for the Internet of Things (IoT) to automate healthcare services for sharing and accumulation patient records at anytime from anywhere through the Internet. The current IP-based Internet architecture suffers from latency, mobility, location dependency, and security. The Named Data Networking (NDN) has been projected as a future internet architecture to cope with the limitations of IP-based Internet. However, the NDN infrastructure does not have a secure framework for IoT healthcare information. In this paper, we proposed a secure NDN framework for IoT-enabled Healthcare (IoTEH). In the proposed work, we adopt the services of Identity-Based Signcryption (IBS) cryptography under the security hardness Hyperelliptic Curve Cryptosystem (HCC) to secure the IoTEH information in NDN. The HCC provides the corresponding level of security using minimal computational and communicational resources as compared to bilinear pairing and Elliptic Curve Cryptosystem (ECC). For the efficiency of the proposed scheme, we simulated the security of the proposed solution using Automated Validation of Internet Security Protocols and Applications (AVISPA). Besides, we deployed the proposed scheme on the IoTEH in NDN infrastructure and compared it with the recent IBS schemes in terms of computation and communication overheads. The simulation results showed the superiority and improvement of the proposed framework against contemporary related works.

Exploring the Intersection of Technology and Policy in the Future Internet Architecture Effort

Policy-making and regulation have played a significant role in the current Internet architecture. In this paper we open that same sort of dialog with the architects of the set of Future Internet Architecture projects funded by the NSF and the EC. The paper examines both the architectures themselves and key policy topics, including (1) net neutrality, (2) naming, addressing, and network management, (3) the rise of platforms, and (4) security. In each case, in one or another of the novel architectures, the path forward with respect to the topic does not directly parallel what has occurred in the current architecture.

The Internet of Futures Past: Values Trajectories of Networking Protocol Projects

The Internet was conceptualized as a technology that would be capable of bringing about a better future, but recent literature in science and technology studies and adjacent fields provides numerous examples of how this pervasive sociotechnical system has been shaped and used to dystopic ends. This article examines different future imaginaries present in Future Internet Architecture (FIA) projects funded by the National Science Foundation (NSF) from 2006 to 2016, whose goal was to incorporate social values while building new protocols to replace Transmission Control Protocol and Internet Protocol to transfer and route information across the ever-expanding Internet. I examine the findings from two of the NSF’s FIA projects—Mobility First (MF) and eXpressive Internet Architecture—to understand the projects’ trajectories and values directives through their funding cycle and their projections into the future. I discuss how project documentation and participant articulations fall into the following three distinct themes about past experience and speculation: understanding the public, negotiating resources, and carrying project values into the future. I conclude that if the future Internet is to promote positive sociotechnical relationships, its architects must recognize that complex social and political decisions pervade each step of technical work and do more to honor this fact.

A Lightweight Nature Heterogeneous Generalized Signcryption (HGSC) Scheme for Named Data Networking-Enabled Internet of Things

Internet of Things (IoT) is the collection of different types of smart objects like mobile phones, sensors, cars, smart cities, smart buildings, and healthcare, which can provide a quality life to humans around the globe. These smart objects sense and produce a huge amount of data for distribution. The current hostcentric networking paradigm is not that scalable to provide a suitable solution to the idea of IoT. For scalable connectivity and efficient distribution, Named Data Networking (NDN) has been envisioned as a promising solution for future internet architecture. On the other hand, the significant issues regarding the adaptation of NDN with IoT possess security concerns such as authentication, confidentiality, integrity, and forward secrecy. As IoT is a heterogeneous environment, it demands a different type of security, according to the environmental situation such as public key infrastructure (PKI), identity-based cryptosystem (IBC), and certificateless cryptosystem (CLC). This paper presents a new concept of CLC to IBC heterogeneous generalized signcryption for the first time to fulfil the prime security requirements of NDN-based IoT. The proposed scheme provides the security properties according to situational needs without disturbing the structural policy of NDN. Considering the resource-constrained nature of IoT, we used a lightweight type of elliptic curve called the hyperelliptic curve cryptosystem which offers the same level of security as that of bilinear pairing and an elliptic curve cryptosystem using a minimum key size. Further, we compare the proposed scheme with recently proposed identity-based as well as certificateless generalized signcryption schemes, and the results give satisfactory outputs in terms of computational and communication resources. Furthermore, we simulate the proposed scheme with Automated Validation of Internet Security Protocols and Applications (AVISPA), and the results show that our scheme is valid and safe. Additionally, we provide a practical scenario of the proposed on NDN with an IoT-based smart city.

Incentivizing stable path selection in future Internet architectures

By delegating path control to end-hosts, future Internet architectures offer flexibility for path selection. However, there is a concern that the distributed routing decisions by end-hosts, in particular load-adaptive routing, can lead to oscillations if path selection is performed without coordination or accurate load information. Prior research has addressed this problem by devising path-selection policies that lead to stability. However, little is known about the viability of these policies in the Internet context, where selfish end-hosts can deviate from a prescribed policy if such a deviation is beneficial from their individual perspective. In order to achieve network stability in future Internet architectures, it is essential that end-hosts have an incentive to adopt a stability-oriented path-selection policy.In this work, we perform the first incentive analysis of the stability-inducing path-selection policies proposed in the literature. Building on a game-theoretic model of end-host path selection, we show that these policies are in fact incompatible with the self-interest of end-hosts, as these strategies make it worthwhile to pursue an oscillatory path-selection strategy. Therefore, stability in networks with selfish end-hosts must be enforced by incentive-compatible mechanisms. We present two such mechanisms and formally prove their incentive compatibility.

Quantifying Deployability and Evolvability of Future Internet Architectures via Economic Models

Emerging new applications demand the current Internet to provide new functionalities. Although many future Internet architectures and protocols have been proposed to fulfill such needs, ISPs have been reluctant to deploy many of these architectures. We believe technical issues are not the main reasons as many of these new proposals are technically sound. In this paper, we take an economic perspective and seek to answer: Why do most new Internet architectures fail to be deployed? How can the deployability of a new architecture be enhanced? We develop a game-theoretic model to characterize the outcome of an architecture’s deployment through the equilibrium of ISPs’ decisions. This model enables us to: (1) analyze several key factors of the deployability of a new architecture such as the number of critical ISPs and the change of routing path; (2) explain the deploying outcomes of some previously proposed architectures/protocols such as IPv6, DiffServ, CDN, etc., and shed light on the “Internet flattening phenomenon” ; (3) predict the deployability of a new architecture such as NDN, and compare its deployability with competing architectures. Our study suggests that the difficulty to deploy a new Internet architecture comes from the “coordination” of distributed ISPs. Finally, we design a mechanism to enhance the deployability of new architectures.

Blockchain technology in Named Data Networks: A detailed survey

With massive new applications and online services, the future design of the Internet will have new requirements and implications, such as compatible mobility, scalability, reliability and security. The Named Data Networking (NDN) is the most promising future internet architecture paradigm which focuses on content driven communication. Unlike traditional IP networks, named content-based data networks (NDNs) can quickly retrieve and deliver content. Blockchain technology has been widely used for decentralized payments, asset management, healthcare and cloud computing etc. Blockchain provides a decentralized and distributed solution to maintain consistent and reliable records in unreliable networks without the need of a centralized authority. However, blockchain technology over IP has still some serious problems such as lack of efficiency for hierarchical access. The use of blockchain technology over NDN has solved these problems providing a decentralized system and simplifying the architecture. In this paper, we present a detailed and comprehensive survey on the use of blockchain technology in NDN for the very first time. Finally, some research challenges and key issues have been discussed.

QoE-Aware Multi-Source Video Streaming in Content Centric Networks

Content Centric Networking (CCN), a future Internet architecture, brings new challenges in maintaining the Quality of Experience (QoE) for video streaming. Because of the universal caching capability of CCN routers, streaming from multiple sources will be common, and switching between content sources might affect QoE by inducing delays and consequently stalls in video playback. This paper proposes a new QoE-aware multi-source video streaming scheme for CCN. First, the content distributions of video files among CCN nodes for different caching methods are studied. Second, an adaptive video streaming with distributed caching (ASDC) algorithm is designed to guarantee QoE during the switching between content sources. The ASDC algorithm considers the delivery of scalable video streams. It automatically adapts the layers in a video stream when there is source switching, based on a QoE model that characterizes the effect of stalling. Experimental results show that the ASDC algorithm outperforms dynamic adaptive streaming over HTTP (DASH) in the CCN platform in terms of the QoE obtained from human subjective tests.

Design of peer-to-peer protocol with sensible and secure IoT communication for future internet architecture

In recent times, Internet connected technologies and applications have seen tremendous growth as everyone is inclined to enjoy the benefits offered by them. An upcoming technology called Internet of Things (IoT) has increased the capacity of internet to take in numerous computing devices. With respect to the prevailing IP-based Security Protocol (SecP) suites, which rely on the conventions of Network Topology (NT) and device and network (n/w) abilities to decide on the designs of the employed Security Mechanisms (SecM). In this work, we address by putting forth a unified IoT framework model dependent on the Mobile Security IP IoT Architecture (MSIP-IoT-A) which exclusively concentrates on supporting Sec for the IoT. The model suggested by us, brings together local IoT systems with the global Internet with no loss in its usage, ability of cross operation and protecting the Sec. An Internet of Things (IOT) – Name Determination Check (NDC) is proposed as the main part of the middleware layer by us in this article and we also generate a We propose an IoT-NDC as a core component of the, and develop a not so heavy but light keying protocol capable of establishing a trust amid an IoT device and the IoT-NDC. Moreover, we attempt of identify and fix this issue by suggesting a peer-to-peer SecP for fulfilling a range of environment. We have applied safe communication (comm.) upon an open sourced platform for the IoT. Ultimately, with assessment and studies with the help of models and data from the SecPlogic, we conclude that the suggested methodology is effective to fulfill the mentioned objective and can be used for the platform.

Device-centric adaptive data stream management and offloading for analytics applications in future internet architectures

Information-Centric Networking (ICN) enables in-network data management and communication between multiple parties by replicating data and activating interactions between decoupled senders and receivers. Existing data management and offloading schemes in ICNs primarily use the transport layer hence it becomes inefficient to actively develop and update the ICN standards because of continuously evolving heterogeneous future internet architectures such as mobile edge cloud computing (MECC) architectures. In this paper, we present an adaptive execution model for mobile data stream mining (MDSM) applications in MECC environments to enable device-centric adaptive data management and offloading. We designed the proposed execution model considering multiple factors of complexity such as volume and velocity of continuously streaming data, the selection of data fusion and data preprocessing methods, the choice of learning models, learning rates, learning modes, mobility, limited computational and memory resources in mobile devices, the high coupling between application components, and dependency over Internet connections. We integrated the proposed execution model with multiple MDSM applications mapping to a real-word use-case for activity detection using MECC as a future network architecture. We thoroughly evaluated the proposed execution model in terms of battery power consumption, memory utilization, makespan, accuracy, and the amount of data reduced during in-network communication. The comparison showed that our proposed adaptive execution model outperformed the static and dynamic execution models which were deployed in the same ICN architecture.

Optimized content centric networking for future internet: Dynamic popularity window based caching scheme

Content-Centric Networking (CCN) has emerged as a promising future Internet architecture that concentrates on content-centric information retrieval instead of current host-based infrastructure. In-network content caching has been integrated with CCN that allows the transformation from IP-based architectures to a completely decentralized environment which is based on the Content-Centric approach for future Internet architecture. In traditional caching schemes, each intermediate router caches a copy of content before forwarding it towards the requester. However, the caching capacity of routers is much smaller as compared to the forwarded traffic through them. For comprehensive utilization of available cache space, a novel content caching scheme called DPWCS (Dynamic Popularity Window-based Caching Scheme) has been proposed that efficiently places contents in the network cache. By intelligently determining the size of popularity window using request rate and the total number of distinct contents in the network, DPWCS is able to improve network performance by caching popular contents in the routers. The proposed scheme also translates the threshold determination issue into an optimization problem and propose cache size and Zipf distribution based heuristics for its computation. Extensive simulation results demonstrate the necessity of DPWCS, as the default caching scheme is unable to achieve significant network performance with realistic request rates, cache sizes, and requests distribution patterns. It is shown that the proposed scheme increases the cache hit-ratio, hop reduction ratio and server-load reduction ratio up-to ≈ 13%, ≈ 11% and ≈ 13% from peer competing caching schemes respectively with widely accepted Least-Recently-Used (LRU) cache replacement policy and ≈ 23% reduction in average network hop count under various simulation scenarios. This makes it suitable for Industry 4.0 and futuristic Internet architectures with 5G.

A walkthrough of name data networking: Architecture, functionalities, operations and open issues

Name data networking (NDN) is one of the proposed ICN based future Internet architecture aims to substitute our current TCP/IP based Internet. The recent advancements in technology reduced the cost to connect to the Internet and made it feasible to connect a wide variety of devices that leads to rapid growth in hand-held devices and exponentially increased Internet users. The Internet usage pattern has also changed dramatically in the last decade and a considerable proportion of Internet traffic consists of video files only. TCP/IP based Internet was designed to communicate between point to point entities and mobility, multicast support, security, and a tremendous amount of Internet traffic was not considered at that time. The mismatch between Internet usage requirements and current Internet architecture motivated researchers to come up with content based new sustainable Internet architecture. NDN is designed from a clean slate and supposed to overcome the shortcomings while leverage strength present in TCP/IP based Internet architecture. NDN is a request-driven architecture where users request for content using names without concern about host. This article presents a detailed survey on NDN architecture, protocols, and previously proposed strategies. It also offers a comparative study on proposed strategies for naming, content caching, inter and intradomain routing, forwarding, and security. This survey uses a bottom-up approach and a new taxonomy for comparative analysis and assessment to present insights about the differences between the existing strategies and protocols proposed for NDN. The survey also explored the present applications and ongoing research and suggests future research directions.

F-NDN: An Extended Architecture of NDN Supporting Flow Transmission Mode

As a promising candidate for future Internet architecture, Named Data Networking (NDN) can achieve significant potential advantages over current TCP/IP based Internet in content distribution and mobility support, etc. However, the communication mode in NDN that one Interest packet for pulling one data packet is likely to incur Interest packets flooding and to cause extremely large-scale Pending Interest Table (PIT) of the NDN router, which may substantially degrade the performance of NDN. Moreover, the absence of predefined connections also induces another challenge for NDN to manage the successive and concurrent requests from consumers efficiently. In this paper, we propose flow-based NDN ( $f$ -NDN) architecture capable of supporting flow transmission mode for addressing the aforementioned challenges. In the context of $f$ -NDN, a data flow is defined as an aggregate of data packets with the same name prefix, and a flow Interest packet is introduced to pull a data flow rather than a single data packet. The PIT, CS, and FIB are re-designed to enable $f$ -NDN to operate at the granularity of flows. Bitmap structure aided error handling mechanism is further presented for $f$ -NDN to deal with the flow transmission’s uncertain failures. The built-in flow support in $f$ -NDN allows us to conceive a flow-level multi-path transmission regime for balancing the traffic in NDN network and reducing the time consumed for pulling the entire content. Weight-based flow Interest splitting algorithm and optimal rate control algorithm are both proposed for optimizing multi-path transmission. We illustrate the capability of the proposed architecture in supporting flow transmission and multi-path by implementing it in both simulator and prototype systems. The evaluation results are also presented to show its achievable performance.

A blockchain-based architecture for secure vehicular Named Data Networks

In vehicular networks, vehicles exchange a massive amount of information aiming at improving people’s safety. Most of this information is personal or sensitive in nature, which makes security and privacy indispensable tasks. Named Data Networking is a future Internet architecture that adopts content-based security and in-network caching features to improve content delivery. However, the use of Named Data Networking on top of vehicular networks brings various challenges, especially in security and trust levels. The use of the distributed and control-less in-network caching allows malicious users to use the built-in design to launch attacks at the cache-store. Moreover, a malicious node can serve invalid or unlimited Interests to start an Interest flooding attack. In this paper, we propose a reputation-based Blockchain mechanism to secure both of Interest and Data forwarding plane, and content caching. The simulation results exhibit that our solution forwards only valid Interest and caches only trust content.

The Future Internet – problems and perspectives

The issues of the current Internet architecture considered. A brief survey of related publications given. The perspectives of migration to the Future Internet discussed. Cognitive principles formulated for study Internet as a complex system. An author's vision of the Future Internet outlined. Primary steps proposed to reorganize the IP layer in TCP/IP model when transition to the Future Internet architecture. Figs.: 1. Refs.: 24 titles.Keywords: future Internet architecture; system approach; TCP/IP.

ChoKIFA+: an early detection and mitigation approach against interest flooding attacks in NDN

Several ongoing research efforts aim to design potential Future Internet Architectures, among which Named-Data Networking (NDN) introduces a shift from the existing host-centric Internet Protocol-based Internet infrastructure towards a content-oriented one. However, researchers have identified some design limitations in NDN, among which some enable to build up a new type of Distributed Denial of Service attack, better known as Interest Flooding Attack (IFA). In IFA, an adversary issues not satisfiable requests in the network to saturate the Pending Interest Table (PIT) of NDN routers and prevent them from properly handling the legitimate traffic. Researchers have been trying to mitigate this problem by proposing several detection and reaction mechanisms, but all the mechanisms proposed so far are not highly effective and, on the contrary, heavily damage the legitimate traffic. In this paper, we propose a novel mechanism for IFA detection and mitigation, aimed at decreasing the memory consumption of the PIT by effectively reducing the malicious traffic that passes through each NDN router. In particular, our protocol exploits an effective management strategy on the PIT, through which the Malicious Interest (MIs) already stored in the PIT are removed and the new incoming MIs are dropped. In addition, the proposed countermeasure provides an additional security wall on the edges of the network to detect and mitigate the attack as early as possible and improve the network health, i.e., routers PIT occupancy during IFA. To evaluate the effectiveness of our work, we implemented the proposed countermeasure on the open-source ndnSIM simulator and compared its effectiveness with the state of the art. The results show that our proposed countermeasure effectively reduces the IFA damages both in terms of preserved legitimate traffic and availability of routers PIT. Considering the legitimate traffic, the amount of Benign Interests preserved by our approach increases from 5% to 40% with respect to the preservation guaranteed by the state-of-the-art solutions. Concerning the routers PIT availability, our approach guarantees that the 97% of the PIT size is left free for handling the legitimate traffic.

ELC: Edge Linked Caching for content updating in information-centric Internet of Things

Internet of things (IoT) has enabled every thing around us to have an Internet connection. In the future, IoT will generate more content than any other network. It is estimated that about 27 billion Internet enabled devices will connect to the Internet. For IoT, the current IP-based architecture, also known as Host-centric architecture, is not suitable. Therefore, a clean slate architecture is required to provide solutions to the problem. The researchers have recently proposed an appropriate architecture for this purpose, known as Information-Centric Network (ICN). ICN would potentially become the future Internet architecture as it has the ability to manage this huge number of IoT devices and their content. ICN’s in-network caching functionality is very useful for IoT, as it reduces the overhead of the publisher with respect to content access. This paper proposes an IoT caching strategy based on ICN that will effectively cache IoT data as well as update and evict content based on its freshness values.

NC based DAS-NDN: Network Coding for robust Dynamic Adaptive Streaming over NDN

Over the last few years, the dramatic growth in video demand has inspired the service providers (e.g., Netflix and YouTube) to swing towards HTTP based Dynamic Adaptive Streaming (DASH). However, sustaining the adequate bandwidth claims over this rapid growth in multimedia content becomes a significant challenge for network operators. Considering the effectiveness of the next generation future Internet architecture, i.e., Name Data Networking (NDN), recently DASH over NDN is implemented. The fundamental characteristics of NDN, such as efficient content distribution and low bandwidth requirements, significantly increase the bandwidth utilization, which ensures the smooth delivery of multimedia content. However, we discovered that the above characteristics of NDN also opens the door for new vulnerabilities.In this paper, first we propose a new attack termed as “Bitrate Oscillation Attack” (BOA), which disrupt the functionality of DASH protocol over NDN by exploiting its two key features called in-network caching and interest aggregation. In particular, BOA forces the DASH streaming system running at the honest client to oscillate in various video resolutions with high frequency and amplitude, within a single video session. Second, to mitigate the BOA, we design and implement a proactive countermeasure called “NC based DAS-NDN”. Our solution efficiently enables the network coding to DAS multimedia content and within NDN architecture. Thus, without any coordination between the network nodes reduces bitrate oscillations in the presence of BOA and NDN’s inherent content source variations. The performance evaluation performed on different target scenarios proves the effectiveness of our proposed attack, and the results also show the correctness of our proposed corresponding countermeasure. In particular, the result analysis shows that BOA increases the annoyance factor in spatial dimension of end-user, and our countermeasure greatly reduces the adverse effects of BOA and also make DAS friendly to NDN’s inherent features.

Quality of Service provisioning in Named Data Networking via PIT entry reservation and PIT replacement policy

Named Data Networking (NDN) is a promising candidate of Future Internet Architecture (FIA) designed to solve many long-standing issues in current IP architecture such as security, mobility, and content distribution inefficiency. Pending Interest Table (PIT) is one of the essential building blocks of NDN, which is used in the successful delivery of data packets to the requesters. It helps to achieve intrinsic advantages such as anonymity, interest aggregation, multi-cast delivery, multi-path forwarding, and security. NFD (NDN Forwarding Daemon) currently does not constrain the size of PIT. Over-allocation of PIT does not contribute to network performance improvement rather helps in performance degradation. Therefore, there is a need to restrict PIT size. However, in the presence of bursty traffic, PIT may turn out to be full, and new incoming Interest packets may get dropped. In this case, NDN faces a new challenge to achieve Quality of Service (QoS) under bursty traffic. This paper presents two simple schemes to solve this problem via PIT entry reservation and PIT entry replacement policy. We present analytical models of both the schemes using Continuous Time Markov Chain (CTMC). We derive blocking and forced termination probability of Interest packets as performance metrics. The accuracy of the models is validated through simulation results.

Academic video lectures over named data networking

PurposeInformation-centric networking (ICN) is an innovative paradigm for the future internet architecture. This paper aims to provide a view on how academic video lectures can exploit the ICN paradigm. It discusses the design of academic video lectures over named data networking (NDN) (an ICN architecture) and speculates their future development. To the best of author’s knowledge, a similar study has not been presented.Design/methodology/approachThe paper is a visionary essay that introduces the background, elaborates the basic concepts and presents the author’s views and insights into academic video lectures that exploit the latest development of NDN approach and its applications.FindingsThe ICN paradigm is closely related to the levels of automation and large-scale uptake of multimedia applications that provide video lectures. Academic video lectures over NDN have: improved efficiency, better scalability with respect to information/bandwidth demand and better robustness in challenging communication scenarios. A framework of academic video lectures over NDN must take into account various key issues such as naming (name resolution), optimized routing, resource control, congestion control, security and privacy. The size of the network in which academic video lectures are distributed, the content location dynamics and the popularity of the stored video lectures will determine which routing scheme must be selected. If semantic information is included into academic video lectures, the network dynamically may assist video (streaming) lecture service by permitting the network to locate the proper version of the requested video lecture that can be better delivered to e-learners and/or select the appropriate network paths.Practical implicationsThe paper helps researchers already working on video lectures in finding a direction for designing and deploying platforms that will provide content-centric academic video lectures.Originality/valueThe paper pioneers the investigation of academic video lecture distribution in ICN and presents an in-depth view to its potentials and research trends.