Article info

MSC: 00-01, 99-00

Keywords:
Named data networking
Network coding
Software defined networking
Homomorphic signature

Abstract

The exponential growth of multimedia content in today's Internet traffic and the increasing need for bandwidth-consuming or location-independent services motivated the research community to design a viable replacement for the current IP-based Internet architecture. Named Data Networking, or NDN, is a novel network architecture that uses universal in-network caching and routing-by-name functionalities to deliver content efficiently and to improve service quality. Network coding benefits named data networking with its inherent algebraic structure and the maximum flow rates it achieves in multicast. With network coding, content can be requested via multiple interfaces, thus significantly improving content delivery efficiency. However, it is vulnerable to pollution attacks, which can cause a severe degradation of network bandwidth. In this paper, we propose an efficient and optimized authentication technique for a content distribution NDN architecture based on network coding. Our solution uses a homomorphic signature mechanism, which allows intermediate nodes to verify the authenticity of flows, and hence to overcome the pollution problem, without having access to the content. We formulate NDNAuth, an optimal coding and homomorphic signature scheme, as a MIP problem. Furthermore, we show how to leverage Software Defined Networking to provide a seamless implementation of the proposed solution. We measure the processing overhead and the dynamic system security state based on three metrics: (1) defence power; (2) threat severity and (3) system vulnerability. Finally, we discuss how to minimize the computational cost of the coding and signature scheme operations. Experimental results show the efficiency of the proposed coding scheme, which achieves better performance than conventional NDN with random coding, especially in terms of transmission cost and security.

© 2019 Elsevier Ltd. All rights reserved.

∗ Corresponding author.
E-mail address: r_boussaha@esi.dz (R. Boussaha).
1 Content Centric Networking or Named Data Networking.
2 Quality of Service.
https://doi.org/10.1016/j.jisa.2019.102409
2214-2126/© 2019 Elsevier Ltd. All rights reserved.
R. Boussaha, Y. Challal and A. Bouabdallah et al. / Journal of Information Security and Applications 50 (2020) 102409

transmissions. Furthermore, it improves packet diversity in the network, resulting in fewer redundant retransmissions of lost packets and a reduced bandwidth cost.

Recent research efforts show that network coding benefits named data networking. Indeed, named data networking and network coding both deal with content distribution, trading storage and computation for efficient data delivery. Combining named data networking with network coding was initially proposed in [2], where the authors propose a coding-caching scheme for Information Centric Networking in order to increase the cache hit rate and to improve network throughput.

In fact, the benefits of using network coding in Named Data Networking are manifold. First of all, it allows network coding to be fully exploited in order to improve transmission efficiency and scalability, with the high potential to disseminate data in an entirely independent and distributed fashion. Secondly, it takes advantage of the caching functionality of named data networking to strengthen network robustness. NDN leverages in-network caching for future use: each node can cache forwarded content, so content spreads quickly through the network. However, with NDN a consumer's request can trigger many responses from different caches; the consumer keeps only the first content that comes back and discards any subsequent copies. The superfluous traffic introduced by these redundant copies returned to the consumer wastes network resources. In this paper, we propose to introduce Network Coding to foster the entropy of the in-network information collected through the NDN caching mechanism. Moreover, network coding also improves network robustness: if a message is lost on some path due to path failure or congestion, it can be recovered from any alternative linear combination that is reachable through another path.

However, network coding systems are inherently vulnerable to a severe attack, known as packet pollution, in which malicious nodes intentionally insert invalid packets into the network to contaminate the whole downstream. The intermediate nodes are unaware that they have received erroneous messages and continue to encode and forward the polluted packets. Hence, a single corrupted packet can culminate in an epidemic propagation of polluted packets through the process of intermediate coding, and prevent the receiver from decoding correctly. This attack causes a considerable waste of network bandwidth and a severe degradation of throughput. Furthermore, the diffuse nature of NDN and the use of caching storage, which represents a potential source of the data, make the pollution problem even more disastrous: a polluted packet that reaches a Content Store is served again to every later Interest for that name. Once polluted messages are transmitted in the network, and without detection mechanisms that are performant in terms of cost and reliability, receivers cannot retrieve and reconstruct the original messages. To cope with this attack, intermediate nodes need to verify the validity and the authenticity of incoming packets at the first hop. Conventional digital signatures and MACs are insufficient to mitigate pollution attacks and to ensure a "hop-by-hop containment": a recoded packet is a fresh linear combination that the source never signed, and intermediate nodes do not have the original message packets, so they cannot verify the proof of authenticity.

Network coding signature schemes relying on homomorphic hash functions [3] or homomorphic signatures [4] can be used to solve this problem. However, introducing security implies additional cost: security mechanisms require additional computation, introduce delays and increase storage requirements. In this work, we propose an optimized collaborative authenticated scheme, NDNAuth, that allows efficient containment while reducing the induced overhead. We leverage Software-Defined Networking (SDN) [5,6] technology to implement our optimized proposal efficiently. We focus mainly on the question of how to efficiently deliver authenticated encoded packets that are stored in different locations and requested by various users. The aim of this work is to reduce the cost of the verification and signature operations carried out to solve the pollution problem, and to adapt the optimization technique to the routing protocol of NDN. The main contributions of this paper can be summarized as follows:

• In order to verify flow authenticity gradually in the network, and to maximize the security level while minimizing the checkpoints and resources required for verification, we formulate an optimization encoding problem as a multiobjective MIP model. The multi-path approach, in which various paths are established between the source and the destination, may generate an important overhead. Additionally, it may not cover some application scenarios, such as transportation, express packet delivery or massively dense wireless multi-hop networks, where a typical path between two nodes consists of a large number of hops. Hence, in this work, we consider two different policies. The first avoids the additional routing overhead, since content is encoded only along the path from the producer to the consumer. We call this policy Single-Path NDNAuth (SP-NDNAuth). The most obvious choice of path is the shortest path, so the flow of each Interest is transported along a single path from its source to its destination. The other policy, called NDNAuth, is intended to improve the cache hit ratio at the price of additional routing overhead: content can be encoded and cached anywhere in the network. Furthermore, we consider the impact of the link capacity on the encoding assignment in the two approaches.

• We propose a cooperative authenticated network coding architecture based on Software-Defined Networking. SDN controllers handle the caching decision, the network coding and the homomorphic signature operations throughout the network. We consider in particular the dynamic evolution of system security over time, where a system needs to deal with attackers and employs various types of defence mechanisms. The security state helps decision making in highly dynamic situations when assigning the coding role and controlling flow authenticity. We measure the following three metrics [7]: (1) defence strength, (2) attack severity and (3) system vulnerability.

• Our results suggest that our solution consistently achieves an increased gain across network topologies with different structural properties. We further find that the effectiveness of our solution is correlated with the precise structure of the network topology, in terms of node degree and link density: the scheme is effective in topologies that exhibit a power-law degree distribution. Through experimental results, we argue that the proposed optimal coding scheme achieves better performance than conventional NDN with random coding, especially in terms of transmission cost and security requirements. The proposed model substantially reduces the processing overhead generated by the authentication scheme, since the operations of encoding, verification and computation of new homomorphic signatures are carried out cooperatively.

In the next sections, we first present some background definitions. We formulate the authentication problem in Sections 3–5. We explain the design and features of our SDN-based cooperative encoding architecture in Section 6. We carry out a systematic evaluation study in Section 7 that explores the topology parameters of the authentication scheme, delve deeper into the characteristics of the proposed scheme and show its effectiveness compared to other works. We review previous work on network coding over Named Data Networks and on securing network coding in Section 8. Finally, we conclude the paper and give some directions for future work in Section 9.
2.1. Named data networking

Named Data Networking is the Content Centric Network design we consider in this work. Basically, NDN uses a receiver-driven communication model in which a consumer requests content by sending an Interest packet. The latter carries a name that identifies the desired data. Once the Interest reaches a node that has the requested content, a Data packet is sent back along the reverse path. NDN nodes are made up of three special table structures, which manage packet forwarding:

• The Pending Interest Table (PIT) - table responsible for keeping track of the currently unsatisfied Interest packets;
• The Content Store (CS) - persistent caching storage for the node;
• The Forwarding Information Base (FIB) - routing table including the next-hop information for name prefixes.

When a router receives an Interest for some data, it delivers this data directly from its cache (CS) if it has a copy. Otherwise, it records the Interest in its own PIT together with the arrival interface.3 If a new Interest for the same content arrives while the entry is pending, its arrival interface is added to the list of arrival interfaces of that entry and the Interest is aggregated rather than forwarded again. Otherwise, the router forwards the Interest packet by looking up the name in its FIB.

Upon receiving a Data packet, the router finds the matching PIT entry and forwards the data to all the interfaces listed in that entry. Furthermore, the router caches the data in its CS and removes the corresponding PIT entry. A Data packet takes the same path as the Interest that solicited it, but in the reverse direction. Fig. 1 illustrates the communication process.

2.2. Network coding

Network Coding is a new paradigm of information transmission and processing, in which the network is modelled as a directed graph $(V, E)$ consisting of a set of vertices $V$ (nodes) and a set of edges $E$ (links). A node that only transmits data is called a source node, and one that only receives data is called a target node. If a source $S$ wishes to transmit one file $F$ through the network to a subset of target nodes, then the file $F$ is divided by the source into a set of $n$-dimensional vectors $(v_1, v_2, \dots, v_m)$ over a ring or a field4 $\mathbb{F}$ (the dimensions $n$ and $m$ are fixed parameters of the system). The source then attaches a unit vector of length $m$ to each vector $v_i$ to create $m$ augmented vectors $\tilde v_1, \tilde v_2, \dots, \tilde v_m$ given by:

$\tilde v_i = (\, v_i \mid 0, \dots, 0, 1, 0, \dots, 0 \,) \in \mathbb{F}^{n+m}, \quad \forall i \in [[1, m]],$

where the single 1 sits in position $i$ of the appended part. The first $n$ entries of $\tilde v_i$, which correspond to $v_i$, are called the data component and the last $m$ entries are called the augmentation component. We call primitive vectors those which have not been mixed with any other (i.e. the augmentation component is a unit vector), and aggregate vectors those which have been formed as a linear combination of other vectors (i.e. the augmentation component holds the combination coefficients).

The coding part works as follows. After receiving $l$ vectors $\tilde v_1, \tilde v_2, \dots, \tilde v_l$, an honest intermediate node chooses $l$ random coefficients over the finite field $\mathbb{F}$ and computes a new vector for each outgoing edge. Formally, on the $j$-th outgoing edge the node sends the vector $z_j$ given by:

$z_j = \sum_{i=1}^{l} \alpha_{ij}\, \tilde v_i .$

3 The interface from which the Interest arrives.
4 For typical networks encountered in practice, taking $|\mathbb{F}| \approx 256$ has been shown to give a probability of decoding failure of less than 1%.
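The augmented-vector encoding above, the decoding of the following paragraph ($V = A^{-1}Y$) and the relay-pollution scenario of Section 5.2 (Alice, Oscar, Bob), played out in code. This is an added example, not code from the paper or its authors. It assumes the prime field GF(257) as a stand-in for the $|\mathbb{F}| \approx 256$ of footnote 4, constructs the file chunks inline, and replaces signature verification by a subspace-membership check that is handed the source's basis, something a real relay never has; the homomorphic signature is what lets a relay reach that verdict without the basis.

```python
"""Random linear network coding with augmented vectors, an honest recoding
relay, decoding by Gaussian elimination, and a polluting relay.
Added example; GF(257) is an assumption, not the paper's field."""
import random

P = 257  # prime field size (assumption), close to the |F| ~ 256 the paper cites


def augment(packets):
    """v~_i = (v_i | e_i): data component followed by the i-th unit vector of length m."""
    m = len(packets)
    return [list(v) + [1 if j == i else 0 for j in range(m)]
            for i, v in enumerate(packets)]


def combine(vectors, coeffs):
    """z = sum_i alpha_i * v~_i over GF(P); the augmentation part of z then
    carries the coefficients of z with respect to the primitive vectors."""
    width = len(vectors[0])
    out = [0] * width
    for a, v in zip(coeffs, vectors):
        for k in range(width):
            out[k] = (out[k] + a * v[k]) % P
    return out


def rank(rows):
    """Rank over GF(P) by Gauss-Jordan elimination (input left untouched)."""
    M = [list(r) for r in rows]
    r = 0
    for c in range(len(M[0])):
        piv = next((i for i in range(r, len(M)) if M[i][c]), None)
        if piv is None:
            continue
        M[r], M[piv] = M[piv], M[r]
        inv = pow(M[r][c], -1, P)
        M[r] = [(x * inv) % P for x in M[r]]
        for i in range(len(M)):
            if i != r and M[i][c]:
                f = M[i][c]
                M[i] = [(x - f * y) % P for x, y in zip(M[i], M[r])]
        r += 1
        if r == len(M):
            break
    return r


def recode(vectors, count, rng):
    """A relay emits `count` fresh random combinations of what it received,
    resampling the rare degenerate draw so its outputs stay independent."""
    target = min(count, rank(vectors))
    while True:
        outs = [combine(vectors, [rng.randrange(P) for _ in vectors])
                for _ in range(count)]
        if rank(outs) == target:
            return outs


def decode(received, n, m):
    """V = A^{-1} Y: build rows [alpha_i | y_i] from the augmentation and data
    parts, reduce the alpha block to I_m, and read the original packets off
    the data block. Raises if fewer than m independent rows were received."""
    rows = [list(z[n:]) + list(z[:n]) for z in received[:m]]
    for c in range(m):
        piv = next((i for i in range(c, m) if rows[i][c]), None)
        if piv is None:
            raise ValueError("need m linearly independent packets to decode")
        rows[c], rows[piv] = rows[piv], rows[c]
        inv = pow(rows[c][c], -1, P)
        rows[c] = [(x * inv) % P for x in rows[c]]
        for i in range(m):
            if i != c and rows[i][c]:
                f = rows[i][c]
                rows[i] = [(x - f * y) % P for x, y in zip(rows[i], rows[c])]
    return [r[m:] for r in rows]


def in_source_subspace(basis, packet):
    """Is `packet` a genuine combination of the source's augmented vectors?
    Stand-in for signature verification: this checker is handed the source
    basis, which a real relay cannot have (assumption for the demo)."""
    return rank(basis + [packet]) == len(basis)


def scenario(seed=7, n=4, m=2):
    """Alice -> honest relay -> Bob, then Alice -> Oscar -> Bob where Oscar mixes
    two forged vectors (with legitimate-looking unit augmentation) into his
    outputs. Returns (honest decode correct, polluted decode correct,
    per-packet detection by the membership check)."""
    rng = random.Random(seed)
    original = [[rng.randrange(P) for _ in range(n)] for _ in range(m)]  # constructed chunks
    basis = augment(original)
    honest = recode(basis, m, rng)
    honest_ok = decode(honest, n, m) == original
    forged = augment([[rng.randrange(P) for _ in range(n)] for _ in range(m)])
    polluted = recode(basis + forged, m, rng)
    try:
        bob_ok = decode(polluted, n, m) == original  # usually "succeeds" with garbage
    except ValueError:                                # rarely the coefficient rows collapse
        bob_ok = False
    detected = [not in_source_subspace(basis, z) for z in polluted]
    return honest_ok, bob_ok, detected
```

`scenario()` shows the two faces of pollution: Bob's elimination finds $m$ independent coefficient rows and terminates normally, yet the data block is garbage, which is why verification only at the consumer (scheme 2 of Section 3.2) cannot even localise the attack; the membership check flags both of Oscar's packets at the first honest relay, which is the hop-by-hop containment the paper is after.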
A target node reconstructs the original file sent by the source using a set of $m$ linearly independent received vectors $w_i = (y_i \mid \vec{\alpha}_i)$, $i = 1, \dots, m$, whose augmentation components $\vec{\alpha}_i$ are linearly independent. The original file is then recovered as $V = A^{-1} Y$, where $A$ is the matrix whose rows are the coefficient vectors $\vec{\alpha}_1, \dots, \vec{\alpha}_m$, $Y$ is the matrix whose rows are the received data components $y_1, \dots, y_m$, and $V$ is the matrix whose rows are the original vectors $v_1, \dots, v_m$ (the same relation is used in Section 5.2 to define a corrupted packet).

2.3. Homomorphic encryption

Homomorphic encryption is a cryptographic primitive used to perform operations on encrypted data without knowing the private key. Gentry [8] proposed the first Fully Homomorphic Encryption (FHE) scheme, which makes it possible to carry out arbitrary operations on encrypted data by operating on the ciphertext directly, without knowing the original data. The outcome of the computation is represented in encrypted form and can only be decrypted by a legitimate owner of the private decryption key.

In this paper, we use the more practical variant of the homomorphic encryption scheme recently proposed in [9]. It operates in the ring $R = \mathbb{Z}[X]/(X^n + 1)$ for $n$ a power of 2, i.e. the objects the scheme uses are all polynomials with integer coefficients of degree less than $n$.

The scheme is a tuple of five algorithms:

1. KeyGen$(n, q, t, \chi_{key}, \chi_{err})$: receives the system parameters as input and generates a public/private key pair and an evaluation key $evk \in R^{\log_2(q)}$, which is used in the homomorphic multiplication operation and contains information about the private key in encrypted form;
2. Encrypt$(h, m)$: encrypts a message $m$ using the public key $h$ and outputs a ciphertext $c$ given by5
   $c = \big[ \lfloor q/t \rfloor\,[m]_t + e + hs \big]_q \in R;$
3. Decrypt$(f, c)$: decrypts a ciphertext $c$ with the private decryption key $f$; the decryption process computes
   $m = \Big[ \Big\lfloor \tfrac{t}{q}\,[fc]_q \Big\rceil \Big]_t \in R;$
4. Add$(c_1, c_2)$: given two ciphertexts $c_1$ and $c_2$, this function computes $c_{add} = [c_1 + c_2]_q$, which encrypts the sum $(m_1 + m_2)$ modulo $t$;
5. Mult$(c_1, c_2, evk)$: given encryptions of $m_1$ and $m_2$ and the evaluation key $evk$, compute $c_{mult} = \Big[ \Big\lfloor \tfrac{t}{q}\, c_1 c_2 \Big\rceil \Big]_q$ and perform KeySwitch$(c_{mult}, evk)$. The latter allows the ciphertext to be decrypted with the original secret key. For further details, we refer the reader to [9].

3. System model and problem statement

3.1. Network model

In our proposed architecture NDN-Auth,6 we assume that the network is represented as a directed graph $G = (V, E)$, such that $V$ is the set of vertices (nodes) and $E$ is the set of edges (links between nodes). As illustrated in Fig. 2, the set $V$ is partitioned into three subsets, $V = C \cup P \cup I$. $C$ is the set of consumers (also called the top component), which send Interest messages, $P$ is the set of producers, which respond with Data messages, and $I$ is the set of intermediate nodes, which forward Interest/Data messages and store the received chunks.

Assume a specified client node $C$ intends to request a file $F$ from a producer $P$. Then $P$ operates the following tasks:

• $P$ (or the encoder) divides the file $F$ into $m$ chunks (or packets) $v_1, v_2, v_3, \dots, v_m$, where the size of each packet is $n$, and creates augmented vectors7 from these packets.
• The encoder generates and transmits linear combinations of these vectors.

With linear network coding, this set of $m$ packets is called a generation. The middle layer in our system is the set of intermediate nodes, also called recoders. These network nodes receive a series of encoded packets and perform new linear combinations that are passed to the decoder (the bottom component of the system), which is able to reconstruct the original file after receiving at least $m$ linearly independent packets. We suppose that the packets transmitted in the network are linearly independent. In addition to the encoding operations that all the nodes must perform, and in order to ensure authentication, the source and the set of intermediate nodes must append homomorphic signatures to the transmitted coded messages.

3.2. Problem statement

Considering the network model described above, and in order to state the problem formally, we introduce the following notation:

• $h$ is the number of nodes between the producer and the consumer of the file $F$.
• $C_{ss}$, $C_{se}$ are respectively the homomorphic signature calculation cost and the encoding cost of the source node.
• $C_{is}$, $C_{ie}$, $C_{iv}$ are respectively the homomorphic signature calculation cost, the encoding cost and the signature verification cost of an intermediate node.
• $C_{cv}$, $C_{cd}$ are respectively the signature verification cost and the decoding cost of the consumer node.

In this case, the trivial cost induced by the operations performed by each node between the producer and the consumer is given by:

$Cost = (C_{ss} + C_{se}) + h\,(C_{is} + C_{ie} + C_{iv}) + (C_{cv} + C_{cd})$

Clearly this cost counterbalances the data transmission time and generates an important processing overhead. In order to fix the pollution problem, we consider two trivial situations:

1. Verify the signatures of received messages and calculate new homomorphic signatures in each intermediate node after performing network coding.
2. Sign the transmitted messages only once at the producer and check the signatures only at the consumer node.

The first scheme gives a very high level of security, but very poor performance, since the calculation cost is very high. The second scheme can significantly reduce the processing overhead, but the system is then highly vulnerable: pollution is only detected at the consumer, after the polluted packets have been recombined and cached along the whole path. The purpose of this work is therefore to strike a trade-off between the two schemes and to lighten the signing and verification procedure by installing a reduced number of nodes responsible for all the encoding and signature operations. In other words, we propose a partial hop-by-hop containment to reduce the calculation cost of the homomorphic signature scheme. We assume that trusted nodes are installed in the network; these nodes perform the encoding, the signature verification and the creation of new homomorphic signatures, whereas the other nodes only forward packets to the requesting interfaces. This method reduces the overall calculation cost and ensures a trade-off between it and the security level. The

5 Some operations reduce the coefficients of polynomials in $R$ modulo an integer modulus $q$; this operation is symbolized by $[\cdot]_q$.
6 Network coding with homomorphic signatures in NDN.
7 With random linear network coding, data is represented as vectors.
selection of trusted nodes is ensured by means of a multiobjective optimization model. We propose two variants of the optimization model. In the first model, NDNAuth, we consider that the content can be coded and combined anywhere in the network, while in the second model, SP-NDNAuth, the nodes are selected along the path from the source to the destination.

4. Multiobjective optimization model

In this paper, we study the optimal coding assignment under practical constraints such as the coding and signature cost, the decoding and verification cost and the link capacity constraint. We consider the case of a single source and a single destination node.8 We formulate a multiobjective mixed integer program (MIP) to find the optimal assignment of coding nodes and to determine the number of linear combinations operated by each one. For convenience, we consider that the content is a complete file consisting of a bundle of packets.

Our goal is to find the optimal coding assignment that minimizes the total calculation cost while satisfying the required security level. Minimizing the calculation cost and maximizing the security level are both critical issues in today's networking systems, and they usually conflict. The proposed model considers these conflicting issues simultaneously through a multiobjective optimization approach, by assigning different weights to the two objectives.

4.1. Input parameters

Table 1 summarizes the parameters and their meanings. Let $I$ denote the set of intermediate nodes, $F$ the set of packet items, $m$ the generation size, which is equal to the number of packets per file, $L$ the set of directed links of the network and $n$ the packet size. In this paper, we perform coding within one generation; we do not study mixing of different generations. $\delta_v$ is the number of vectors received at $v \in I$. $\omega_i$ denotes a weight selected by the network designer to reflect the relative importance of an objective function in the aggregated one: $\omega_0$ is the calculation cost weight coefficient and $\omega_1$ is the security level weight coefficient. The encoding, homomorphic signature, homomorphic verification and decoding costs of $k$ packets $\{p_1, p_2, \dots, p_k\} \in \mathbb{F}_q^n$ are represented respectively by $c_{k,q}$, $s_{k,q}$, $v_{k,q}$ and $d_{k,q}$.

4.2. NDNAuth MIP model

We present the MIP model to optimize the assignment of the secure coding and verification role to network nodes. We assume the nodes have homogeneous calculation capacity. Let $r$ denote the calculation cost of the producer node, which is given by:

$r = m\,(c_{m,q} + s_{m,q})$

8 The solution could easily be generalized to the multi-sender, multi-receiver case by using the signature scheme proposed in [10].
Table 1
Parameters and their meanings.

Parameter      Meaning
P              Producer node
S              Consumer node
I              Set of intermediate nodes
F              Set of packets
L              Set of directed links
m              Generation size
n              Packet size
s              Network size
d_{k,v}        Probability that node v has degree k
C_l            Link capacity of l
SV_{v,w}       Set of nodes on the path from v ∈ V to w ∈ I
NL_l           Set of nodes on the link l
SL_{v,w}       Set of links on the path from v ∈ I to w ∈ I
δ_v            Number of vectors received at v ∈ I
M_{c,v,w}      Binary variable indicating whether it is the minimum cost for v ∈ I to get c ∈ F from w ∈ I
f_t            Security level function at time t
c_{k,q}        Encoding cost of {p_1, ..., p_k} ∈ F_q^n
s_{k,q}        Homomorphic signature cost of {p_1, ..., p_k} ∈ F_q^n
v_{k,q}        Homomorphic verification cost of {p_1, ..., p_k} ∈ F_q^n
d_{k,q}        Decoding cost of {p_1, ..., p_k} ∈ F_q^n
ω_i            Weight selected by the network designer to reflect the relative importance of the i-th objective function

Decision variable
T_{v,m,q}      Binary variable indicating whether to operate linear combinations of {p_1, ..., p_m} ∈ F_q^n at v ∈ I
η_v            Number of linear combinations performed by v ∈ I

4.3. SP-NDNAuth MIP model

In this case, we suppose that the packets are combined only on the path from the producer to the consumer. Therefore, the objective functions to minimize the calculation cost and to maximize the security level are given by:

$\min\; r + \sum_{v \in SV_{S,P}} \big( T_{v,\delta_v,q}\, v_{\delta_v,q} + \eta_v\, c_{\delta_v,q} + s_{\delta_v,q} \big) + t \qquad (8)$

$\max\; f_t \qquad (9)$

Furthermore, we replace $v \in I$ by $v \in SV_{S,P}$ in all the constraints. Constraints (11) and (12) tie the number of combinations to the binary choice, so only chosen nodes emit combinations, and (13) makes the chosen nodes emit the whole generation. Nodes that are not on the path from the source to the destination are not chosen (14), and the average load of transmitted messages must not exceed the link capacity (15).

$\delta_v \le m, \quad \forall v \in SV_{S,P} \qquad (10)$

$\eta_v \ge T_{v,\delta_v,q}, \quad \forall v \in SV_{S,P} \qquad (11)$

$\eta_v \le T_{v,\delta_v,q}\, m, \quad \forall v \in SV_{S,P} \qquad (12)$

$\sum_{v \in SV_{S,P}} \eta_v = m \qquad (13)$

$T_{v,\delta_v,q} = 0, \quad \forall v \in I \setminus SV_{S,P} \qquad (14)$
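As an added example (not the authors' solver), the following script brute-forces a tiny SP-NDNAuth instance: the shortest path from P to S is computed over a constructed GDTB-style topology in the way the RMB of Section 6.1.2 does, and every assignment of $T_v$ and $\eta_v$ on that path is checked against (11)–(13) and scored by the weighted aggregation $\omega_0 \cdot \text{cost} - \omega_1 \cdot f_t$ of objectives (8) and (9), with $f_t$ taken from the reliability-aware model (24)–(25) of Section 5.1.2. The per-node cost constants, $\delta_v = m$, $p_{vw} = 1$ between path neighbours, the topology and the weights are all assumptions made for the illustration.

```python
"""Brute-force SP-NDNAuth assignment on a small constructed topology.
Added example; cost constants, weights and topology are assumptions."""
import heapq
from itertools import product


def build_gdtb(edges):
    """GDTB as an undirected weighted adjacency dict from (u, v, weight) triples."""
    gdtb = {}
    for u, v, w in edges:
        gdtb.setdefault(u, {})[v] = w
        gdtb.setdefault(v, {})[u] = w
    return gdtb


def shortest_path(gdtb, src, dst):
    """RMB entry for (src, dst): Dijkstra over the GDTB, returned as a node list."""
    dist, prev, heap = {src: 0}, {}, [(0, src)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > dist[u]:
            continue
        for v, w in gdtb[u].items():
            if d + w < dist.get(v, float("inf")):
                dist[v], prev[v] = d + w, u
                heapq.heappush(heap, (d + w, v))
    path = [dst]
    while path[-1] != src:
        path.append(prev[path[-1]])
    return path[::-1]


def compositions(total, parts):
    """All tuples of `parts` non-negative integers summing to `total`."""
    if parts == 1:
        yield (total,)
        return
    for first in range(total + 1):
        for rest in compositions(total - first, parts - 1):
            yield (first,) + rest


def feasible(T, eta, m):
    """(11) eta_v >= T_v, (12) eta_v <= m*T_v, (13) sum_v eta_v = m."""
    return all(t <= e <= m * t for t, e in zip(T, eta)) and sum(eta) == m


def calc_cost(T, eta, r, enc, sign, verify):
    """Objective (8) with delta_v = m on a single path: producer cost r plus, for
    each chosen node, one verification and one signing of the generation, plus
    one encoding operation per combination it emits (assumed cost model)."""
    return r + sum(t * (verify + sign) + e * enc for t, e in zip(T, eta))


def security_level(T):
    """Reliability-aware f_t = sum_v T_v * D_v, D_v = T_v + sum_w T_w p_vw (24)-(25),
    with p_vw = 1 for neighbours on the path and 0 otherwise (assumption)."""
    h = len(T)
    D = [T[v] + sum(T[w] for w in (v - 1, v + 1) if 0 <= w < h) for v in range(h)]
    return sum(t * d for t, d in zip(T, D))


def solve(gdtb, src, dst, m, w0, w1, r=10.0, enc=1.0, sign=4.0, verify=3.0):
    """Enumerate all assignments on SV_{src,dst} and minimise w0*cost - w1*f_t,
    the weighted aggregation of (8) and (9). Nodes off the path keep T_v = 0 (14)."""
    path = shortest_path(gdtb, src, dst)
    nodes = path[1:-1]  # SV_{S,P}: the intermediate nodes only
    best = None
    for T in product((0, 1), repeat=len(nodes)):
        for eta in compositions(m, len(nodes)):
            if not feasible(T, eta, m):
                continue
            cost = calc_cost(T, eta, r, enc, sign, verify)
            sec = security_level(T)
            score = w0 * cost - w1 * sec
            if best is None or score < best["score"]:
                best = {"score": score, "path": path, "nodes": nodes,
                        "T": T, "eta": eta, "cost": cost, "security": sec}
    return best


# Constructed topology (assumption): a 3-hop path P-r1-r2-r3-S and a costlier detour via r4.
TOPOLOGY = build_gdtb([("P", "r1", 1), ("r1", "r2", 1), ("r2", "r3", 1), ("r3", "S", 1),
                       ("P", "r4", 1), ("r4", "S", 4), ("r2", "r4", 1)])
```

With $\omega_1 = 0$ the solver keeps a single coding node, since (12) and (13) together forbid having none, and pays $r$ plus one verify/sign plus $m$ encodings; raising $\omega_1$ turns every path node into a coding node, which is the "verify everywhere" scheme 1 of Section 3.2. Real instances need a MIP solver, but the enumeration makes visible the trade-off the weights control.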
such that $p^m_i$ is the probability that node $i$ is malicious and $p_{ij}$ is the probability that node $i$ is connected to node $j$. Moreover, the attack metric measures the strength of the attacks performed against a system. The attack severity performed over a system at a given time $t$ is given by:

$A = \sum_{i \in I} \delta_i\, p^m_i \qquad (19)$

In this case, the objective function (2) to maximize the security level of the system, or equivalently to minimize the pollution damage, is given by:

$f_t = -\sum_{v \in I} (1 - T_{v,\delta_v,q})\,(V \cdot A) \qquad (20)$

such that:

$V \cdot A = \sum_{i \in I} \Big( p^m_i + \sum_{j \in I} p^m_j\, p_{ij} \Big)\, \delta_i\, p^m_i \qquad (21)$

$= \sum_{i \in I} \delta_i\, (p^m_i)^2 + \sum_{i \in I} \sum_{j \in I} \delta_i\, p^m_i\, p_{ij}\, p^m_j \qquad (22)$

$= \sum_{i \in I} \delta_i\, (p^m_i)^2 + \sum_{i \in I} \delta_i\, p^m_i \sum_{j \in I} p_{ij}\, p^m_j \qquad (23)$

5.1.2. Reliability-aware model

The defence strength is related to the security verification operations: if node $i$ performs signature verification, or is connected to trusted nodes which perform verifications, we say that it has a strong defence mechanism. Hence, the defence strength function is given by:

$D_v = T_{v,\delta_v,q} + \sum_{w \in I} T_{w,\delta_w,q}\, p_{vw}, \quad \forall v \in I \qquad (24)$

In this case, the objective function (2) to maximize the security level is given by:

$f_t = \sum_{v \in I} T_{v,\delta_v,q}\, D_v = \sum_{v \in I} T_{v,\delta_v,q} \Big( T_{v,\delta_v,q} + \sum_{w \in I} T_{w,\delta_w,q}\, p_{vw} \Big) \qquad (25)$

which, since $T^2 = T$ for a binary variable, expands to

$f_t = \sum_{v \in I} T_{v,\delta_v,q} + \sum_{i \in I} \sum_{j \in I} T_{i,\delta_i,q}\, T_{j,\delta_j,q}\, p_{ij} \qquad (26)$

5.2. Rate of erroneous messages

In this model, the adversary is able to control one or more nodes. Therefore, it can observe and modify all data packets passing through the compromised nodes. Its aim is to inject a small number of forged packets in order to disrupt the decoding process. Without loss of generality, we assume the source is always trusted. However, the relay nodes can be compromised by an adversary, which can observe their input and manipulate their output. We do not consider attacks on the physical or MAC layer. A target node reconstructs the original file sent by the source using a set of $m$ linearly independent vectors $y_i = (v_i \mid \vec{\alpha}_i)$, $i = 1, \dots, m$, where the $(\vec{\alpha}_i)_{i=1,\dots,m}$ are linearly independent. We say that a packet $Y = (\vec{y}_i)_{i=1,\dots,m}$ is a corrupted packet if the following equation does not hold:

$V = A^{-1} Y,$

where $A$ is the matrix whose rows are the vectors $\vec{\alpha}_1, \dots, \vec{\alpha}_m$ and $V$ the matrix whose rows are the vectors $v_1, \dots, v_m$.

We consider the case where intermediate nodes could accept, combine and forward invalid packets as valid, and we calculate the propagation rate of erroneous messages.

In our system, we assume the honest sender is Alice, the receiver is Bob, and Oscar is an intermediate malicious node. We describe the attack with a subspace dimension $m = 2$.

• Honest node Alice. Alice sends a file described as two non-zero vectors $(\hat v_1, \hat v_2) \in (\mathbb{F}_q^n)^2$, and uses her secret key $sk_\alpha$ to create two signatures $\tau_1$ and $\tau_2$ on the two-dimensional subspace $V \subset \mathbb{F}_q^n$. Then she transmits the packets $P_1 = (\hat v_1, \tau_1)$ and $P_2 = (\hat v_2, \tau_2)$.
• Malicious node Oscar. Oscar receives $P_1$ and $P_2$ and does the following:
  1. Generate a key pair $(sk_\mu, pk_\mu)$.
  2. Choose two forged vectors $(\hat v_3, \hat v_4)$ such that $\hat v_1, \hat v_2, \hat v_3, \hat v_4$ are linearly independent.
  3. Use the secret key $sk_\mu$ to compute two signatures $\tau_3$ and $\tau_4$ and create the packets $P_3 = (\hat v_3, \tau_3)$ and $P_4 = (\hat v_4, \tau_4)$.
  4. Compute two linear combinations $\tilde v_1 = \sum_{i=1}^{z} \alpha_i \hat v_i$ and $\tilde v_2 = \sum_{i=1}^{z} \alpha'_i \hat v_i$ with two different coefficient vectors, the two signatures $\tilde\tau_1 = \prod_{i=1}^{z} \tau_i^{\alpha_i}$ and $\tilde\tau_2 = \prod_{i=1}^{z} \tau_i^{\alpha'_i}$, with $z = 4$, and transmit the two packets $\tilde P_1 = (\tilde v_1, \tilde\tau_1)$ and $\tilde P_2 = (\tilde v_2, \tilde\tau_2)$ to Bob.
• Receiver Bob. After receiving at least two packets from Oscar, Bob tries to decode the received data to recover Alice's file. Bob then recovers a corrupted file from Oscar.

Proposition 5.1. Given the NDNAuth and SP-NDNAuth coding assignment process described in Section 3, with network size $s$, generation size $m$, the Waxman probability for node connections, and a uniform distribution of malicious nodes, the rate of erroneous messages transmitted in the network is given by:

$r = \frac{1}{s} \Big( 1 + \frac{1}{m} \sum_{i \in I} \sum_{j \in I} \alpha\, \eta_i\, e^{-d_{ij}/(\beta L)} \Big) \qquad (27)$

where $\alpha > 0$ and $\beta \le 1$, $d_{ij}$ is the Euclidean distance from node $i$ to node $j$, and $L$ is the maximum distance between any two nodes.

Proof. In the attack scenario above, with only three nodes in the network and two packets transmitted by the intermediate node, the rate of erroneous transmitted messages is $M / \sum_{i \in I} \eta_i = 2/2 = 1$, where $M$ is the number of erroneous messages. Consider now the case where Oscar belongs to a set of relay nodes which transmit valid or invalid packets, and denote by $p_v$ the probability that a node $v \in I$ is malicious; we suppose that this probability follows a uniform distribution. We use the Waxman probability model for interconnecting the nodes of the topology, which is given by:

$P_{ij} = \alpha\, e^{-d_{ij}/(\beta L)} \qquad (28)$

where $d_{ij}$ is the Euclidean distance from node $i$ to node $j$, and $L$ is the maximum distance between any two nodes. Then the rate of erroneous messages at time $t$ is given by:

$r = \frac{\sum_{i \in I} \big( p^m_i + \sum_{j \in I} p_{ij}\, p^m_j \big)\, \eta_i}{\sum_{i \in I} \eta_i} \qquad (29)$

$r = \frac{\sum_{i \in I} \big( \frac{1}{s} + \sum_{j \in I} \frac{1}{s}\, \alpha\, e^{-d_{ij}/(\beta L)} \big)\, \eta_i}{\sum_{i \in I} \eta_i} \qquad (30)$
Using $\sum_{i \in I} \eta_i = m$ from constraint (13):

$r = \frac{\sum_{i \in I} \frac{\eta_i}{s} \big( 1 + \sum_{j \in I} \alpha\, e^{-d_{ij}/(\beta L)} \big)}{m} = \frac{\frac{m}{s} + \frac{1}{s} \sum_{i \in I} \sum_{j \in I} \eta_i\, \alpha\, e^{-d_{ij}/(\beta L)}}{m} \qquad (33)$

$r = \frac{1}{s} \Big( 1 + \frac{1}{m} \sum_{i \in I} \sum_{j \in I} \alpha\, \eta_i\, e^{-d_{ij}/(\beta L)} \Big) \qquad (34)$

6. Cooperative coding mechanism based on software-defined networking

In this section, we describe our controller-based NDN coding and forwarding scheme, where the SDN controller handles the execution of the multiobjective program, the statistics collection and the packet forwarding in the network. Our MIP finds the optimal solution for the coding and signature assignment in the network. The proposed coding model is adapted to NDN through the SDN-based architecture and the Interest/Data forwarding strategies. We detail the architectural design of our solution and describe its components. The SDN functionalities presented in this section represent a design.

6.1. Network architecture

The aim of our proposed network architecture is to adapt the NDNAuth and SP-NDNAuth solutions to the NDN architecture using an SDN-based monitoring framework. As illustrated in Fig. 3, we partition the layout of the proposed system into three prominent layers: the edge network, corresponding to the final users; the OpenFlow named data network, corresponding to the simple forwarding routers of NDN; and the OpenFlow controller, corresponding to the control plane of SDN.

6.1.1. The NDN switch

In our proposed architecture, each OpenFlow NDN switch contains the following structures:

• The Pending Interest Table (PIT);

forwarding rules for the packet flow. A flow entry has three main components. First, the Matching rule: the entries of this field are used to match incoming packets. Second, the Action (or Interface) field, which represents a list of actions and instructions to execute on packets after the matching process. Finally, the Counter field, which holds a set of statistics about the flows such as received packets, duration, sent packets, etc. The main functionalities of an NDN switch are:

• Forwarding Data packets to clients directly if the data is available in the local CS;
• Forwarding Interest packets to other nodes according to the OpenFlow FIB;
• Forwarding Interest packets for unknown content to the controller;
• Delivering the received Data packets to the requesting nodes based on the PIT;
• Sending statistics and caching information to the controller periodically.

6.1.2. The SDN controller

The controller communicates with the switches using the OpenFlow communication protocol. It provides management functions such as topology control and OpenFlow FIB11 construction for each NDN switch. In our proposed architecture, the controller incorporates the following structures:

• The Global Data Topology Base (GDTB) is a table built into the controller. It contains the information about all the nodes in the network and the neighbouring connections between them.
• The Routing Management Base (RMB) is a table holding the shortest paths between nodes. These paths are derived by applying Dijkstra's algorithm to the virtual network topology stored in the GDTB.
• The Optimization Information Base (OIB) is a table built by the controller. It contains the information about all the files

11 Flow forwarding information base.
R. Boussaha, Y. Challal and A. Bouabdallah et al. / Journal of Information Security and Applications 50 (2020) 102409 9
Table 2
Comparison of optimal overhead processing costs in NDNAuth coding model (cumulative processing overhead in seconds; the first three value columns are NDNAuth and the last three OPTC, following the comparison made in Section 7.2).

|N|   | q = 2^2 | q = 2^4 | q = 2^8 | q = 2^2 | q = 2^4 | q = 2^8
20    | 55.2    | 54.4    | 66.9    | 64.1    | 64.5    | 78.5
40    | 90.2    | 86.7    | 108.9   | 112.9   | 111.9   | 137.5
60    | 126.3   | 121.6   | 153.6   | 162.1   | 161.1   | 197.9
80    | 162.6   | 156.3   | 198.6   | 212.1   | 210.4   | 260.1
100   | 199.4   | 189.8   | 241.5   | 262.6   | 259.1   | 319.8
150   | 341.7   | 325.4   | 415.4   | 420.8   | 415.1   | 578.2
200   | 435.7   | 423.1   | 539.8   | 470.2   | 457.1   | 578.2
300   | 673.6   | 652.6   | 827.9   | 877.6   | 874.9   | 1079.1
400   | 864.1   | 825.3   | 1054.1  | 1190.9  | 1047.4  | 1297.8
500   | 1066.1  | 1027.1  | 1314.1  | 1330.1  | 1328.4  | 1609.1

Table 3
Comparison of optimal overhead processing costs in SP-NDNAuth coding model (cumulative processing overhead in seconds; the first three value columns are SP-NDNAuth and the last three SP-OPTC, following the comparison made in Section 7.2).

|N|   | q = 2^2 | q = 2^4 | q = 2^8 | q = 2^2 | q = 2^4 | q = 2^8
20    | 56.8    | 55.6    | 68.6    | 62.1    | 62.2    | 75.9
40    | 91.2    | 87.8    | 110.4   | 105.5   | 103.8   | 128.3
60    | 128.3   | 123.5   | 156.2   | 145.1   | 142.5   | 177.1
80    | 162.9   | 156.9   | 199.3   | 188.8   | 185.2   | 231.5
100   | 200.4   | 190.5   | 242.1   | 232.6   | 226.4   | 282.9
150   | 347.3   | 331.8   | 422.5   | 372.8   | 360.9   | 450.2
200   | 437.4   | 428.9   | 546.6   | 447.2   | 434.5   | 552.6
300   | 679.2   | 659     | 835.1   | 742.2   | 900.2   | 912.5
400   | 867.9   | 828.7   | 1058.5  | 974.3   | 900.2   | 1136.3
500   | 1068.4  | 1033.1  | 1321    | 1147.9  | 1120.5  | 1405.4

Table 4
Comparison of optimal attack-vulnerability-aware security level.

|N|   | NDNAuth    | SP-NDNAuth   | OPTS        | SP-OPTS
20    | 627.6      | 680.8        | 2877.2      | 2157.9
40    | 4385.6     | 6325.5       | 34743.8     | 23452.1
60    | 15167.1    | 10452.8      | 128883.1    | 70885.6
80    | 30322.4    | 22534.1      | 354912.1    | 195201.6
100   | 30316.768  | 20146.1      | 784434.6    | 423594.7
150   | 197.3×10^3 | 113.315×10^3 | 492.4×10^3  | 193.6×10^3
200   | 166.9×10^3 | 556.8×10^3   | 166.4×10^4  | 557.6×10^3
300   | 926.5×10^3 | 123.6×10^4   | 924.7×10^4  | 113.2×10^3
400   | 145.7×10^4 | 207.9×10^4   | 279.1×10^5  | 942.1×10^4
500   | 326.4×10^4 | 165.5×10^4   | 657.3×10^5  | 203.8×10^5

4. Encryption time: a measure of how long it takes to encrypt a plaintext message.
5. Evaluation time: a measure of how long it takes to evaluate a circuit^14.
6. Decryption time: a measure of how long it takes to decrypt a ciphertext.

We run the testbed experiments on an Intel(R) Core(TM) i5-7200U CPU at 2.50 GHz with 8 GB of RAM. All software was run on the 64-bit Ubuntu 16.10 Linux distribution. Let us denote f1 the objective function that minimizes the overall calculation cost and f2 the objective function that maximizes the security level. The optimal cost is given by:

OPT_Cost = ω0 · f0 + ω1 · f1

such that ω0 is the processing overhead cost weight and ω1 is the security level weight coefficient. We compare the following models:
• NDNAuth: our optimal coding and homomorphic signature scheme initially proposed in [13,14];
• SP-NDNAuth: a single-path-based NDNAuth variant proposed in this work;
• OPTC: a trivial strategy where all the nodes must do coding and signature operations [15];
• SP-OPTC: a single-path-based OPTC solution combining the proposals of [15,16];
• OPTS: a strategy where all the nodes avoid verifying homomorphic signatures and make the network vulnerable to pollution attacks [1];
• SP-OPTS: a single-path-based OPTS solution combining the proposals of [1,16].

7.2. Cumulative processing overhead

We consider the first case, where ω0 = 1 and ω1 = 0. Tables 2 and 3 compare the optimal cost achieved for ten different network sizes (20, 40, 60, 80, 100, 150, 200, 300, 400, 500) of arbitrary topologies. For each size, we report the average of the results obtained from 100 randomly generated instances. We fix the generation size to m = 8. For every instance, we compute the optimal cost when packets belong to the F_{2^2}, F_{2^4} or F_{2^8} finite field.^15 The size of a field is denoted q. The obtained results represent the cumulative processing overhead^16 of all the nodes in the network; the unit of measurement is the second.

In order to evaluate the impact of the field size and the network size on the cumulative processing overhead, we compare the performance of different models including NDNAuth, SP-NDNAuth, OPTC and SP-OPTC.

We notice that as we increase the network size, the gain gap in processing overhead of NDNAuth over OPTC also increases. Indeed, for a 20-node network the improvement is in the order of 10 s, while it goes to 60 s for a 100-node network and 300 s for a 500-node network with the F_{2^2} finite field. The gain increases as we increase the q value. In fact, increasing the field size increases the probability of successful decoding. However, it also leads to increased computational complexity, which results in slower applications. We notice nearly the same behaviour with SP-NDNAuth, which performs better than SP-OPTC, because in the first model coding and signing operations are restricted to the nodes selected by the optimization model, whereas in the second model all the nodes on the path from source to destination perform encoding and homomorphic encryption operations.

Furthermore, the reason why NDNAuth performs better than the other models (SP-NDNAuth and SP-OPTC), as shown in Table 3, is that in SP-NDNAuth, as in SP-OPTC, we consider the shortest-path constraints. Therefore, the selection of trusted nodes is more constrained, and the chosen nodes are those that best fit the topology restrictions.

7.3. Performance evaluation of security level

In this case, we aim to study the security level. Assume ω0 = 0 and ω1 = 1. The size of the finite field is q = 2^4. We evaluate the security level of our scheme considering the attack-vulnerability-aware (AV) model and the reliability-aware (TR) model.

In the first case, Table 4 compares the optimal AV security level obtained for different network sizes (20, 40, 60, 80, 100, 150, 200, 300, 400, 500). We observe that the vulnerability of the network is higher in the OPTS and SP-OPTS models than in the NDNAuth scheme. This is due to the fact that in OPTS all the nodes in the network avoid performing network coding and signature operations, and likewise in the SP-OPTC model all the nodes on the path

14 The linear combination function applied to the signatures.
15 A finite field (or Galois field) is a mathematical construct where special rules are defined for the arithmetic operations.
16 The execution time of all the encoding and signature operations.
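The decoding relation V = A^{-1}·Y stated in Section 5 and the field-size trade-off discussed in Section 7.2 (a larger q raises the probability of successful decoding at a higher arithmetic cost), as an added example that is not the authors' code; it assumes standard field polynomials for GF(2^2), GF(2^4) and GF(2^8), uses the paper's generation size m = 8, and constructs its own sample packets.

```python
"""Random linear network coding over GF(2^q): encode a generation of m source
packets, decode it with V = A^{-1}.Y (the relation used above for the corrupted-
packet test) and quantify how the field size q drives the probability of
successful decoding (Section 7.2).  Added example, not the authors' code; m = 8
and q in {2^2, 2^4, 2^8} follow the paper, the field polynomials are standard
choices and the packets are constructed inputs."""
import random

# Irreducible polynomials defining GF(2^2), GF(2^4), GF(2^8) (assumed choices).
POLY = {2: 0b111, 4: 0b10011, 8: 0b100011011}


class GF2k:
    """Arithmetic in GF(2^k); elements are ints in [0, 2^k), addition is XOR."""

    def __init__(self, k):
        self.q, self.poly = 1 << k, POLY[k]

    def mul(self, a, b):
        r = 0
        while b:
            if b & 1:
                r ^= a
            b >>= 1
            a <<= 1
            if a & self.q:              # reduce modulo the field polynomial
                a ^= self.poly
        return r

    def inv(self, a):
        if a == 0:
            raise ZeroDivisionError("0 has no inverse")
        r, e = 1, self.q - 2            # a^(q-2) = a^(-1) in a field of order q
        while e:
            if e & 1:
                r = self.mul(r, a)
            a = self.mul(a, a)
            e >>= 1
        return r


def encode(gf, A, V):
    """Y = A.V: coded packet i is the combination of the m source packets V with
    the coefficient vector A[i] (the vector alpha_i carried in the packet)."""
    n = len(V[0])
    Y = []
    for row in A:
        y = [0] * n
        for a, v in zip(row, V):
            for c in range(n):
                y[c] ^= gf.mul(a, v[c])
        Y.append(y)
    return Y


def decode(gf, A, Y):
    """Solve A.V = Y by Gauss-Jordan elimination over GF(2^k).  Returns V, or
    None when A is singular, i.e. the received vectors do not span the generation."""
    m = len(A)
    M = [list(A[i]) + list(Y[i]) for i in range(m)]     # augmented matrix [A | Y]
    for col in range(m):
        piv = next((r for r in range(col, m) if M[r][col]), None)
        if piv is None:
            return None
        M[col], M[piv] = M[piv], M[col]
        s = gf.inv(M[col][col])
        M[col] = [gf.mul(s, x) for x in M[col]]
        for r in range(m):
            if r != col and M[r][col]:
                f = M[r][col]
                M[r] = [x ^ gf.mul(f, y) for x, y in zip(M[r], M[col])]
    return [row[m:] for row in M]


def full_rank_probability(q, m):
    """Exact P(m uniformly random vectors of GF(q)^m are independent)
    = prod_{i=1..m} (1 - q^(-i)): the probability that decoding succeeds."""
    p = 1.0
    for i in range(1, m + 1):
        p *= 1.0 - q ** (-i)
    return p


def estimate_decoding_probability(k, m, trials=1000, seed=7):
    """Monte-Carlo check of full_rank_probability using decode() itself."""
    gf, rng = GF2k(k), random.Random(seed)
    ok = 0
    for _ in range(trials):
        A = [[rng.randrange(gf.q) for _ in range(m)] for _ in range(m)]
        ok += decode(gf, A, [[0]] * m) is not None
    return ok / trials


if __name__ == "__main__":
    gf, rng, m = GF2k(4), random.Random(1), 8
    V = [[rng.randrange(gf.q) for _ in range(4)] for _ in range(m)]   # constructed packets
    A = [[1 if j == i else rng.randrange(gf.q) if j > i else 0           # unit upper-triangular
          for j in range(m)] for i in range(m)]                           # coefficients: invertible
    Y = encode(gf, A, V)
    print("decoded == V:", decode(gf, A, Y) == V)
    Y[0][0] ^= 1                       # one polluted symbol: A^{-1}.Y no longer equals V
    print("after pollution, decoded == V:", decode(gf, A, Y) == V)
    for k in (2, 4, 8):                # larger q: higher decoding probability, costlier arithmetic
        print(f"q=2^{k}: P(decodable)={full_rank_probability(1 << k, m):.4f}, "
              f"Monte-Carlo={estimate_decoding_probability(k, m, 300):.3f}")
```

The pollution step shows why the paper insists on verification at intermediate nodes: a single altered symbol in one coded packet changes every decoded source packet, and the sink cannot tell from A and Y alone which packet was polluted.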
to 26% for 100 nodes, and 21% for 500 nodes, between the NDNAuth and OPTS models. Furthermore, it goes from 3.4% for 20 nodes to 14% for 100 nodes, and 6.5% for 500 nodes, between the NDNAuth and SP-OPTS models. Finally, it goes from 9% for 20 nodes to 21% for 100 nodes, and 12.3% for 500 nodes, between the SP-NDNAuth and SP-OPTS models.

Table 5 compares the TR security level; the network size ranges from 10 to 500. In our model, we consider a node as secure if it is a trusted node or is connected to trusted nodes. In this case, we aim to maximize the security level. As we increase the network size, we perceive that the gain of the NDNAuth model over the SP-NDNAuth model decreases. It is in the order of 45.6% for 10 nodes, 6.5% for 150 nodes and 5.22% for 500 nodes. The security level improvement decreases as we increase the topology size because the number of encoded packets in the network is limited to the generation size m. Thus the number of trusted nodes is limited, which increases the vulnerability of the network and deteriorates the trust level gain as we expand the network size.

7.4. Topology impact on performance

7.4.1. Topology generation model

Vertices and edges of the NDN graph model are extended with attributes, e.g. weighted edges, which represent link costs. Each

P_{uv} = \alpha\, e^{-d/(\beta L)}   (38)

where α > 0 and β ≤ 1, d is the Euclidean distance from node u to node v, and L is the maximum distance between any two nodes. α represents the link density and β denotes the density of short links relative to longer ones.

7.4.2. Node degree impact

Fig. 5 shows the influence of the node degree distribution and the network size on the cumulative processing overhead. We notice that the cumulative processing overhead exhibits nearly the same values with the Poisson distribution, the Exponential distribution and the Power Law distribution. NDNAuth slightly outperforms the SP-NDNAuth strategy; the improvement is in the order of 2 s to 3 s.

For the AV security level, we can see in Fig. 6 that NDNAuth consistently presents a significant advantage compared to SP-NDNAuth, OPTS and SP-OPTS under different network sizes. The network with the Power Law distribution is considerably vulnerable to pollution attacks because the degree probability is relatively high compared to the two other strategies. For example, the probability that the node degree is equal to 8 is 0.59 with the Poisson distribution, 0.009 with the Exponential distribution and 0.73 with the Power Law distribution. Thus, the nodes are more likely to be connected to each other, and that makes the network
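The link model of Eq. (38) and the TR notion of a secure node (trusted, or connected to a trusted node) from Section 7.3, as an added example that is not the authors' topology generator; node coordinates in the unit square and the greedy trusted-node selection are constructed stand-ins for the paper's inputs and its MIP.

```python
"""Topology generation following Eq. (38), P_uv = alpha * exp(-d_uv / (beta * L)),
with the resulting link density and node-degree distribution, plus the TR notion
of a secure node used in Section 7.3 (trusted, or connected to a trusted node).
Added example, not the authors' generator; node coordinates in the unit square
and the greedy trusted-node choice are constructed stand-ins for the paper's
inputs and MIP."""
import math
import random
from collections import Counter


def generate_topology(n, alpha, beta, seed=0):
    """Return (coords, adj): n nodes placed uniformly in the unit square, each
    pair (u, v) linked with probability alpha * exp(-d / (beta * L)), where d is
    the Euclidean distance and L the maximum distance between any two nodes."""
    if not (alpha > 0 and 0 < beta <= 1):   # Eq. (38): alpha > 0, beta <= 1 (and > 0 to divide)
        raise ValueError("need alpha > 0 and 0 < beta <= 1")
    rng = random.Random(seed)
    coords = [(rng.random(), rng.random()) for _ in range(n)]
    pairs = [(u, v) for u in range(n) for v in range(u + 1, n)]
    L = max(math.dist(coords[u], coords[v]) for u, v in pairs)
    adj = {u: set() for u in range(n)}
    for u, v in pairs:
        p_uv = alpha * math.exp(-math.dist(coords[u], coords[v]) / (beta * L))
        if rng.random() < p_uv:
            adj[u].add(v)
            adj[v].add(u)
    return coords, adj


def link_density(adj):
    """Fraction of the n(n-1)/2 possible links that exist."""
    n = len(adj)
    return sum(len(s) for s in adj.values()) / (n * (n - 1))


def degree_distribution(adj):
    """Empirical P(degree = k), the quantity compared across the Poisson,
    Exponential and Power Law topologies in Section 7.4.2."""
    n = len(adj)
    return {k: c / n for k, c in sorted(Counter(len(s) for s in adj.values()).items())}


def tr_secure_fraction(adj, trusted):
    """TR security: a node is secure if it is trusted or has a trusted neighbour."""
    trusted = set(trusted)
    secure = [u for u in adj if u in trusted or adj[u] & trusted]
    return len(secure) / len(adj)


def greedy_trusted_set(adj, budget):
    """Choose `budget` trusted nodes, each time the one covering the most nodes
    not yet secure (a simple heuristic, not the paper's optimization model)."""
    covered, chosen = set(), []
    for _ in range(budget):
        best = max((u for u in adj if u not in chosen),
                   key=lambda u: len(({u} | adj[u]) - covered))
        chosen.append(best)
        covered |= {best} | adj[best]
    return chosen


if __name__ == "__main__":
    for alpha in (0.2, 0.4, 0.6, 0.8):          # the link densities used in Section 7.5.3
        _, adj = generate_topology(100, alpha, 0.5, seed=1)
        trusted = greedy_trusted_set(adj, 8)    # budget 8 mirrors the generation size m that
        print(f"alpha={alpha}: density={link_density(adj):.3f}, "   # bounds the trusted nodes
              f"P(deg=8)={degree_distribution(adj).get(8, 0.0):.3f}, "
              f"TR secure fraction={tr_secure_fraction(adj, trusted):.2f}")
```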
more exposed to internal or external attacks. Moreover, OPTS and SP-OPTS present the same values for the three degree distribution strategies, because we suppose that all the nodes in the network, or on the path from the producer to the consumer, must perform coding operations independently of the degree of each node.

Considering the TR security level, we observe that the comparative advantage of the Power Law distribution is larger than that of the two other degree distribution techniques. In this case, we also consider that a node is secure if it is selected as a trusted node or if it is connected to trusted nodes. Hence the higher the node degree probability, the larger the trust security level. The improvement is at minimum in the order of 45% in the NDNAuth model and 55% in the SP-NDNAuth model. In OPTS and SP-OPTS the values of the TR security level are null.
Fig. 11. Rate of erroneous messages for Security Level objective function.
Results illustrated in Fig. 11 show a closer behaviour in the two plots, which consider the AV security level and TR security level objective functions. The set of nodes from which we select trusted nodes in NDNAuth is larger than in SP-NDNAuth, which increases the probability of connection to malicious nodes and thus increases to some extent the rate of erroneous messages. The rate of erroneous messages in both OPTS and SP-OPTS is equal to zero since in both methods we suppose that no intermediate node performs coding and signature operations; packets are transmitted directly.

7.5.3. Link density impact on the rate of faulty messages

Fig. 12 compares the rate of erroneous messages considering the cumulative processing overhead (CPO) objective function for different network sizes (20, 40, 60, 80, 100) and different link density values (0.2, 0.4, 0.6, 0.8). We fix the field size to q = 2^4 and we use the Exponential degree distribution.

When α = 0.2, the rate of erroneous messages has the highest value for the two models NDNAuth and SP-NDNAuth. By increasing the density of the links, the rates of erroneous messages of the two models get closer, because the links are constrained by capacities and by the existence of a shorter path between the chosen nodes in SP-NDNAuth, which reduces the impact of link density. Moreover, we notice that the rate of faulty messages in NDNAuth and SP-NDNAuth is considerably lower than that of OPTC and SP-OPTC, in which, from a certain threshold, all the messages circulating on the network are compromised.

We notice nearly the same behaviour considering the AV or TR security level, as shown in Figs. 13 and 14. The gap between the rates of erroneous messages keeps decreasing. The choice of the trusted nodes is almost the same considering the cumulative processing overhead, AV security level or TR security level objective functions, especially for the SP-NDNAuth model, even if we increase the link density.

7.6. Performance trade-offs

The trade-offs between the achievable performance of the network and the incurred security of the mechanism used should be considered carefully when designing this specific authenticated network coding system. In order to study the performance trade-offs between processing overhead cost and security level, a set of performance evaluation tests was performed. In each case, we vary the weighting coefficients of the two objective functions. We suppose that q = 2^4, we use the Exponential node-degree distribution, and we consider three different network sizes (20, 40, 60).

Fig. 15 illustrates the gain gap between the multiobjective optimal solutions for OPTC, OPTS, NDNAuth and SP-NDNAuth. We notice that as we vary the processing overhead cost weight, the gap decreases. The OPTS and NDNAuth models, under the AV security level measure, exhibit nearly the same optimal values as the calculation cost weighting coefficient increases. Furthermore, the results reveal nearly the same behaviour under the TR security measure between NDNAuth and SP-NDNAuth. The SP-NDNAuth performance trade-offs evolve constantly within
Fig. 12. Link density impact on the rate of erroneous messages with CPO.
Fig. 13. Link density impact on the rate of erroneous messages with AV security level.
the TR security level evaluation, whereas the trade-offs decrease and tend to the same values as the other models as we increase the processing overhead cost weight in the AV security model. Furthermore, we notice clearly that the NDNAuth mechanism presents a good compromise among all the presented techniques.

Fig. 16 illustrates the evaluation results for measuring the execution time of the multi-objective optimization problem, considering the AV security level and TR security level objective functions for three network sizes (20, 200, 500); the unit of measurement is the second. By changing the value of ω0, we notice that the OPTC and OPTS models have close values. The average execution time for the OPTC model is 2.26 s when |N| = 20, 3.84 s when |N| = 200, and 4.84 s when |N| = 500. We find almost the same execution time averages for OPTS. On the other side, we notice the same behaviour for the NDNAuth and SP-NDNAuth models, except that SP-NDNAuth has slightly smaller values. The values in NDNAuth and SP-NDNAuth are higher than in OPTC and OPTS. This is because in the first two models there are some conditions in the MIP that require considerable execution time.

Tables 6 and 7 present the amount of memory used for the same tests illustrated in Fig. 16. OPTC and OPTS have almost the same values, NDNAuth is the highest and SP-NDNAuth is slightly lower than NDNAuth; the unit of measurement is the megabyte.
Fig. 14. Link density impact on the rate of erroneous messages with TR security level.
7.7. Discussion

In this paper, we proposed two optimization models and two different objective functions to assess the security level. We consider several application scenarios:

1. Secured applications, which focus mainly on the goal of minimizing the processing overhead of the MIP. We compared our models NDNAuth and SP-NDNAuth with the previous works OPTC and SP-OPTC [15,16]. We have shown the effectiveness of our proposal. The gain is in the order of 35%.
2. Applications that have a good computing capacity and are mainly interested in improving the security level. Even in this case we consider two types of systems. Those that take into account the vulnerability of nodes and the severity of attacks in the network and aim to minimize damage. Moreover, we consider the case of systems that focus on the strength of defence nodes in the network and aim to maximize it. To study the case of these two systems we propose the AV security level and TR security level objective functions. We have compared our models NDNAuth and SP-NDNAuth with the two prior models OPTS and SP-OPTS [1,16]. We have likewise shown the effectiveness of our approach in Section 7.3. Previous systems are 25 times more vulnerable than our models.
Table 6
The amount of memory used to solve the multi-objective optimization problem with AV security level function (megabytes; the model columns are listed in the order in which Section 7.6 discusses them: OPTC, OPTS, NDNAuth, SP-NDNAuth).

|N| = 20
ω0  | OPTC  | OPTS  | NDNAuth | SP-NDNAuth
0   | 4.16  | 3.89  | 8.23    | 3.82
0.2 | 3.84  | 3.08  | 8.57    | 3.16
0.4 | 4.03  | 4.26  | 9.12    | 4.37
0.6 | 2.9   | 3.99  | 8.41    | 3.32
0.8 | 3.83  | 3.78  | 8.43    | 4.16
1   | 3.93  | 4.02  | 4       | 4.69

|N| = 200
ω0  | OPTC  | OPTS  | NDNAuth | SP-NDNAuth
0   | 8.01  | 7.84  | 24.81   | 214.51
0.2 | 7.86  | 7.57  | 24.57   | 214.68
0.4 | 7.7   | 7.69  | 23.67   | 216.02
0.6 | 7.93  | 7.84  | 24.69   | 214.69
0.8 | 8.06  | 6.72  | 24.84   | 214.67
1   | 6.83  | 7.78  | 21.58   | 20.01

|N| = 500
ω0  | OPTC  | OPTS  | NDNAuth | SP-NDNAuth
0   | 23.18 | 23.25 | 123.85  | 108.63
0.2 | 23.36 | 22.08 | 124.32  | 139.39
0.4 | 23.03 | 23.04 | 124.43  | 108.02
0.6 | 23.29 | 23.27 | 123.57  | 109.12
0.8 | 23.26 | 22.38 | 124.09  | 109.9
1   | 23.3  | 22.35 | 110.55  | 100.32

Table 7
The amount of memory used to solve the multi-objective optimization problem with TR security level function (megabytes; three model columns, as in the original table).

|N| = 20
ω0  |       |        |
0   | 4.03  | 6.88   | 3.65
0.2 | 3.93  | 6.25   | 3.7
0.4 | 3.02  | 6.95   | 4.86
0.6 | 2.88  | 7.13   | 3.48
0.8 | 4.25  | 8.26   | 5.01
1   | 3.69  | 4.03   | 3.34

|N| = 200
ω0  |       |        |
0   | 8.91  | 220.15 | 214.51
0.2 | 8.82  | 218.79 | 214.68
0.4 | 8.80  | 217.58 | 216.01
0.6 | 9.43  | 218.86 | 214.89
0.8 | 8.98  | 215.88 | 214.69
1   | 8.17  | 20.07  | 20.01

|N| = 500
ω0  |       |        |
0   | 27.3  | > 500  | > 500
0.2 | 27.37 | > 500  | > 500
0.4 | 27.52 | > 500  | > 500
0.6 | 27.23 | > 500  | > 500
0.8 | 27.38 | > 500  | > 500
1   | 23.24 | 109.14 | 99.73

3. Applications that aim to find a trade-off between the calculation cost and the security level. These applications give priority to the first objective (calculation cost weight between 0.6 and 1). The evaluation carried out makes it possible to determine the difference between the value of the aggregated objective function and the optimal solution, as shown in Tables 2, 3 and Fig. 15. We have shown that our proposed model NDNAuth presents the minimum gap compared to the other model that we propose, SP-NDNAuth, and the previous works OPTC and SP-OPTC, more precisely when the network size is less than 60.
4. Applications that are interested in finding a compromise between the cost of calculation and the security level with a
penchant for the second objective (calculation cost weight between 0 and 0.4). Besides, the evaluation determines the difference between the value of the aggregated objective function and the optimal solution. We notice that NDNAuth presents the minimal gap compared to the other models with the vulnerability-attack-aware model. However, it displays nearly the same behaviour as SP-NDNAuth with the reliability-aware model.
5. Applications that are interested in finding a fair compromise between the calculation cost and the security level (calculation cost weight equal to 0.5). Based on the gap obtained between the value of the aggregated objective function and the optimal solution of the two objective functions, we notice that NDNAuth has an important divergence when the network size is equal to 40. On the contrary, it exhibits nearly the same value as the other models OPTC, OPTS and SP-NDNAuth when the network size is equal to 20. Additionally, it displays the same behaviour as SP-NDNAuth when the network size is equal to 60.
6. Regarding the impact of the topology, we found that the Power Law node degree distribution has the greatest impact on our system performance. In addition, the performance in terms of security level is proportional to the link density, which does not affect the processing overhead.

In application scenario 1 we can consider the case of secured wireless sensor networks [17] or smart grid networks [18]. In application scenario 2, we can consider financial/cloud networks [18], genomics/biometrics applications [19] and commercial enterprise systems. The last three application scenarios, 3, 4 and 5, can deal with enterprise systems or individual entities in the enterprise systems, or even the broad range of potential applications of network coding in the areas of networking, communication and distributed storage [20]. In this case, the NDN operator chooses the relative importance of each objective function based on agreements with real-world content providers.

8. Related work

Named Data Networking shifts the Internet towards data awareness, so data sets become first-class routable objects. In this work, we propose to combine the network coding technique with Named Data Networking. Accordingly, we classify related work into three parts: (1) network coding in NDN; (2) security in NDN; and (3) securing network coding in NDN.

8.1. Network coding in NDN

Network coding has been shown to be a very promising technique that can achieve the upper-bound multicast capacity given by the max-flow min-cut theorem [21]. Recently, it has been shown that network coding benefits Named Data Networks. In fact, applying network coding in NDN allows network nodes to jointly perform data computation, forwarding and storage, which can effectively reduce the complexity of cache coordination and content delivery. Recent initial attempts focus mainly on proposing new mechanisms for transmitting Data or Interest packets, as well as improving the caching strategy with the use of network coding in NDN. In [22], the authors investigate the required architectural changes that arise from the semantic difference in naming. They effectively utilize multi-path parallel forwarding, reduce the complexity of cache coordination and simplify the transport design. In [23], the authors propose a novel signature scheme compatible with network coding; they also propose a forwarding plane to observe the network state, such as network failures, link transmission and the performance distribution of coded packets. In [24], a modified architecture based on index coding is proposed, where each group of nodes is served by a unique router. The latter keeps track of which data are being stored in which node. The requests for different contents can be satisfied by the coded messages that are encoded by the central router. In [25], the authors design special Interest coding and forwarding strategies for getting linearly independent coded blocks simultaneously from multiple nodes. Interests are aggregated, separated and forwarded in every node based on a strategy that guarantees that the responding coded blocks are linearly independent.

Some attempts were also proposed in order to use network coding with different types of named data networks, like mobile and vehicular NDN. In [26], the authors propose an energy-efficient Context-Aware Cache Coding scheme (CACC). They use loss rate and file size metrics to identify the context in which cache coding could be used. They prove that CACC improves the delivery rate and reduces power consumption based on real-world deployment and Android smartphone emulations. In [27], the authors study the problem of content distribution in vehicular network environments. They use a selective random network coding approach and leverage the expansion properties of interacting nodes in a cluster, interpreted in terms of social connections among nodes. In [28], the authors propose a controllable multi-source content retrieval service over CCN in vehicular ad hoc networks. They use the Analytic Hierarchy Process (AHP) to analyse routing interface conditions. Requested symbols can be distributed adaptively to different interfaces according to their weight, and forwarding decisions are made accordingly to obtain the information that makes transmission more effective.

We also investigate research trends that aim at introducing advanced coding mechanisms to NDN. In [29], Anastasiades et al. propose RC-NDN, a Raptor coding-based NDN architecture. The authors design a protocol that is compatible with the Interest/Data NDN transmission scheme, and use pipelining to allow concurrent requests and to take advantage of the packet diversity carried by Raptor coding. Raptor codes are applied only at the content sources and guarantee a moderate computational cost. In [30,31], Parisis et al. combine ICN and fountain coding for efficient and reliable content distribution in opportunistic networks. The proposed approach bypasses the redundancy associated with multi-source or multi-path communication, without utilizing any error control policy or coordination process. In [32], Shu et al. combine Binary Reed-Solomon (BRS) codes with an information-centric fog network architecture to ensure storage reliability at distributed fogs. The content-centric communication process makes data indexing and searching more efficient in network bandwidth and time resources.

8.2. Security in NDN

In NDN, Data is consistently fragmented into independent encrypted chunks, though some critical information could be accessed, like the content name, content size and timing. Accordingly, malicious users can launch diverse attacks like denial of service, cache poisoning, time analysis, packet mistreatment, breaching the signer's key, bogus announcements, jamming, etc. Therefore, the definition of an appropriate mechanism to ensure privacy, integrity, source authenticity, trust management or even access control seems to be incontestably necessary.

• Privacy: NDN changes the means of searching for data and how users interact to retrieve it. Hence new privacy threats come into sight, like content privacy, name privacy, cache privacy or signature privacy. Some solutions were proposed in order to address this issue. In [33], the authors propose PrivICN, a system based on proxy encryption, which protects the confidentiality of the content name and content data. The proposed solution does not require end-to-end communication between consumers and grants flexible user management. In [34], the authors
propose an efficient mechanism that encapsulates NDN inside NDN to create a secure virtual private network for Named Data Networking. The scheme encrypts NDN packets of higher security domains and encapsulates them inside the payload of unencrypted NDN packets. In [35], Ghali et al. introduce an extensive evaluation of CCN privacy issues in the presence of numerous antagonists. They specify the constraints to achieve different levels of privacy for channel-based communication and they review how to deploy CCN privacy mechanisms.
• Trust management: A trust-based method for mitigating cache poisoning attacks was proposed in [36]. The approach rests on three principal factors: content popularity, negative feedback and peer credibility. The authors propose an incentive mechanism and evaluate it under proactive and reactive attacks. They accordingly prove its superiority compared to existing methods. Yu et al. [37] develop an assortment of trust schemas, which provide an automatic means to authenticate and sign individual data packets. The authors design a prototype and run tests in a wide range of NDN applications.
• Access control: In [38], the authors propose ConfTrack-CCN, a security layer that enforces confidential and trackable content distribution and supports the evolution of the access control policy. They evaluate the computational overhead that the encryption scheme introduces and prove that the proposed solution improves the cache hit rate and is more efficient. Ghali et al. [39] propose a flexible access control enforcement scheme, which supports both hash- and encryption-based name obfuscation using in particular Interest packet information. They evaluate the computational, storage and bandwidth cost of IBAC (Interest-Based Access Control) and prove its effectiveness.
• Integrity and authentication: Data integrity and source authentication are inherently integrated into the NDN paradigm. Each content producer should digitally sign its Data packets. However, existing heavyweight signature and verification schemes generate a significant overhead and may invite various types of attacks like denial of service or cache pollution. Different solutions were proposed in order to address this challenge, like [40–43]. They focus mainly on reducing the overhead of signature and verification algorithms with a low response time and bandwidth consumption.

8.3. Securing network coding in NDN

The new way of handling data that network coding offers in actual networks presents several security challenges. The research community essentially investigates Byzantine (creation, modification and replay) and eavesdropping attacks. Among all the threats to network coding considered so far, pollution attacks are the most important. Recently, several schemes have been proposed to grant protection against pollution attacks for network coding applications. We consider mainly information-theoretic approaches [44,45] and cryptographic approaches [46,47], which are not specifically designed for named data networking. Information-theoretic schemes mostly leverage error correction codes to add redundancy to the messages at source nodes. In this way, destination nodes can recover the original messages from

by Boneh et al. [3], who designed an efficient homomorphic NCS scheme in the random oracle model using bilinear maps. In the literature, the processing overhead of homomorphic cryptographic operations has been studied mainly in [15,49].

Furthermore, in [50], the authors developed a framework that investigates the probability of intercepting a sufficient number of coded packets and recovering the confidential exchanged messages. They considered a multi-relay network, proposed a cross-layer security scheme, and derived analytical expressions of the outage probability at the intended destination and the eavesdropper. The interception probability for RLNC-enabled opportunistic relaying is derived. The analysis shows that the proposed model achieves a good balance between security and reliability. In [51], the authors propose a Connected Dominating Set (CDS)-based and Flow-oriented Coding-aware Routing (CFCR) strategy to enhance throughput and to improve potential coding opportunities in wireless mesh networks. In order to guarantee network coding efficiency and reliability, and considering the fixed backbone and unlimited energy features of mesh networks, CFCR constructs the approximate Minimum Connected Dominating Set and excludes routing with coding collisions using the confirmation process. The routing with the largest coding-aware routing metric benefit is selected to decrease the packet loss ratio and reduce the failure rate of decoding. In [52], the authors construct a reduction, or mapping, from the problem of multiple-unicast network coding to the problems of unicast secure network coding and single-unicast network error correction. They consider the case in which one link is eavesdropped. They show that a rate tuple is achievable in the multiple-unicast network coding instance if and only if a corresponding rate is achievable in the unicast secure network coding instance, or in the unicast network error correction instance. The proposed reductions indicate that solving the simple instances of the secure network coding problem or of the network error correction problem is in fact as hard as solving the multiple-unicast problem. They prove, moreover, that the capacity of a unicast network error correction instance is in general not achievable.

Nonetheless, the practical aspects of implementing secure network coding in a named data networking architecture have not been well investigated in previous work. These schemes generate an important computational overhead since they need complex cryptographic computations like modular operations, exponentiations, multiplications, etc. In addition, they require the verification information (e.g., hashes or signatures) to be transmitted separately to all nodes in advance, which is difficult to achieve. Xu et al. [53] propose a reliable content delivery scheme in lossy NDN networks. They use network coding as an error control technique to reduce packet retransmissions. They assess the performance of network coding compared to automatic repeat request (ARQ) and forward error correction (FEC) techniques, and they demonstrate its efficiency based on real physical emulations. In [54], the authors design the first access control mechanism for network coding-based Named Data Networking. They incorporate a new technique called AONT (All or Nothing Transform) with encryption to ensure secure access control to the encoding matrix. Experimental evaluations assess that the proposed solution
the received packets. However, these approaches set limitations reduces significantly the generated overhead.
on the number of nodes, the number of packets or the number In [55], TAN Xiaobin et al. focuses mainly on the proposition of
of links the adversary can corrupt. Otherwise, Cryptographic a copyright protection scheme in Information Centric Networking
approaches allow to authenticate packets using the homomor- based on linear network coding, which provides fast and efficient
phic hash function [3] or the homomorphic signatures [4]. With data retrieval. In [56], the authors propose an Autonomous System
cryptographic-based methods, the nodes set uses cryptographic (AS-s) based security mechanism for network coding application
techniques to send additional verification information that allows in CCN. The proposed solution provides the optimal throughput
destination nodes to verify the authenticity and the integrity of of Network coding and insures integrity, origin authentication,
coded packets. Homomorphic signature was formally introduced correctness of content packets and trustworthiness among border
in [48]. Its definition was adapted to the network coding scenario routers.
R. Boussaha, Y. Challal and A. Bouabdallah et al. / Journal of Information Security and Applications 50 (2020) 102409 21
Table 8
Classification of network coding and security approaches in NDN. (Table body missing from the extraction; columns: Mechanism, Network type, Coding variant, Caching, Routing, Security, Bandwidth, Overhead.)

Table 9
NDNAuth and SP-NDNAuth features. (Table body missing from the extraction.)
Table 8 summarizes the works already mentioned and classifies them based on their predominant characteristics. We first indicate the type of network used, considering the different variants of the NDN architecture (namely CCN, ICN, mobile CCN and Vehicular CCN). We also mark the works that define new routing and caching strategies by ++ (− if not). We specify the type of security service studied by each proposal (privacy, access control, trust, integrity and authentication). Likewise, we mark the solutions that evaluate the bandwidth and the processing overhead of the proposed systems by ++ (− if not).

In summary, we noticed that, in all the mentioned solutions, it is unclear to what extent the network architecture should be modified to incorporate a fully homomorphic encryption scheme to ensure both authentication and integrity against pollution attacks. To our knowledge, our proposal is the first such work providing both an evaluation of the fully homomorphic encryption cost in Named Data Networking and an adaptation of the new approach to the Interest transmission strategy and the Data forwarding strategy relying on a software-defined networking architecture. Table 9 presents the main features of our solution and its positioning with respect to the investigated works.

9. Conclusion

In this work, we leverage network coding to improve the performance of the NDN paradigm. This radically changes the transport network and breaks with the forwarding principle of conventional communication by allowing any network node to recombine several input packets into one coded packet. However, introducing network coding in NDN exposes the network to a new threat related to data pollution attacks. In order to face this threat, we introduce a novel MIP model called NDNAuth and we present the SP-NDNAuth variant for data coding and signature in single-path-based named data networking. The purpose of these models is to select a set of trusted nodes which perform coding, homomorphic signature and verification operations, instead of assigning these tasks to all the nodes in the network. We present a formal analysis to show that our proposed models overcome security challenges in both attack/vulnerability-aware systems and reliability-aware systems. Furthermore, we perform extensive experiments to demonstrate that NDNAuth and SP-NDNAuth maintain the throughput and fairness seen in the standard coding paradigm. We use a centralized approach based on Software-Defined Networking to manage the deployment of the multiobjective optimization model. We, moreover, introduce a new metric to measure the rate of erroneous messages in the network and we evaluate its value against the processing overhead or security level objective function.

Our results suggest that our solution can consistently achieve an increased gain across network topologies that have different structural properties, such as node degree distribution and link density. Evaluation results show an improved performance cost and an enhanced security level of our proposed models NDNAuth and SP-NDNAuth compared to existing solutions where all the nodes must perform coding, signature and verification operations. We have shown that a Power Law node degree distribution has the most impact on network performance.

In this paper, the SDN controller is responsible for determining the optimal encoding and signature assignment strategy in the network and the optimal routing based on network coding and homomorphic signature statistics collected from NDN nodes. In
fact, centralized control can decrease the complexity of the signalling interaction between NDN switches. Hence, centralization in an SDN-based architecture brings many potential benefits; however, it also creates some limitations for the system, such as scalability and resilience. The SDN routing and monitoring tables must be carefully designed to avoid becoming the new bottleneck. Although the controller is logically centralized in the network, it has to be physically distributed in order to address the above-mentioned issues. In fact, for a large-scale NDN, the functionality of the controller can be operated by several cooperative controllers. We leave those enhancements for future work. Furthermore, the numerical experiments are insightful for the future design and implementation of a data/interest forwarding strategy and a caching policy in a distributed scenario. Finally, to gather practical feasibility experience, we intend to use the NDNAuth and SP-NDNAuth models in some application scenarios in blockchain and 5G industry systems.

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

References

[1] Jacobson V, Smetters DK, Thornton JD, Plass MF, Briggs N, Braynard R. Networking named content. Commun ACM 2012;55(1):117–24.
[2] Montpetit M-J, Westphal C, Trossen D. Network coding meets information-centric networking: an architectural case for information dispersion through native network coding. In: Proceedings of the 1st ACM workshop on emerging name-oriented mobile networking design - architecture, algorithms, and applications, NoM’12. New York, NY, USA: ACM; 2012. p. 31–6. doi:10.1145/2248361.2248370.
[3] Boneh D, Freeman DM, Katz J, Waters B. Signing a linear subspace: signature schemes for network coding. In: Public key cryptography, vol. 5443 of lecture notes in computer science. Springer; 2009. p. 68–87.
[4] Gennaro R, Katz J, Krawczyk H, Rabin T. Secure network coding over the integers. IACR Cryptol ePrint Arch 2009;2009:569.
[5] Yang L, Dantu R, Anderson T, Gopal R. Forwarding and control element separation (ForCES) framework. 2004.
[6] McKeown N, Anderson T, Balakrishnan H, Parulkar G, Peterson L, Rexford J, Shenker S, Turner J. OpenFlow: enabling innovation in campus networks. SIGCOMM Comput Commun Rev 2008;38(2):69–74. doi:10.1145/1355734.1355746.
[7] Pendleton M, Garcia-Lebron R, Cho J-H, Xu S. A survey on systems security metrics. ACM Comput Surv 2016;49(4):62:1–62:35. doi:10.1145/3005714.
[8] Brakerski Z, Gentry C, Vaikuntanathan V. (Leveled) fully homomorphic encryption without bootstrapping. In: Proceedings of the 3rd innovations in theoretical computer science conference. ACM; 2012. p. 309–25.
[9] Bos JW, Lauter KE, Loftus J, Naehrig M. Improved security for a ring-based fully homomorphic encryption scheme. In: Stam M, editor. IMA int. conf., vol. 8308 of lecture notes in computer science. Springer; 2013. p. 45–64.
[10] Agrawal S, Boneh D, Boyen X, Freeman DM. Preventing pollution attacks in multi-source network coding. IACR Cryptol ePrint Arch 2010;2010:183.
[11] Halevi S, Shoup V. Algorithms in HElib. IACR Cryptol ePrint Arch 2014;2014:106.
[12] Marcano NJH, Pedersen MV, Vingelmann P, Heide J, Lucani DE, Fitzek FHP. Getting Kodo: network coding for the ns-3 simulator. In: WNS3. ACM; 2016. p. 101–7.
[13] Boussaha R, Challal Y, Bessedik M, Bouabdallah A. Towards authenticated network coding for named data networking. In: 2017 25th international conference on software, telecommunications and computer networks (SoftCOM); 2017. p. 1–6. doi:10.23919/SOFTCOM.2017.8115565.
[14] Boussaha R, Challal Y, Bouabdallah A. Authenticated network coding for software-defined named data networking. In: 2018 IEEE 32nd international conference on advanced information networking and applications (AINA); 2018. p. 1115–22. doi:10.1109/AINA.2018.00160.
[15] Lee S-H, Gerla M, Krawczyk H, Lee K-W, Quaglia EA. Performance evaluation of secure network coding using homomorphic signature. In: IEEE international symposium on network coding (NetCod); 2011. p. 1–6.
[16] Hyytiä E, Virtamo J. On optimality of single-path routes in massively dense wireless multi-hop networks. In: Proceedings of the 10th ACM symposium on modeling, analysis, and simulation of wireless and mobile systems, MSWiM’07. New York, NY, USA: ACM; 2007. p. 28–35. doi:10.1145/1298126.1298135.
[17] Abramov E, Basan E, Makarevich O. Trust management system for mobile cluster-based wireless sensor network. In: Proceedings of the 8th international conference on security of information and networks, SIN’15. New York, NY, USA: ACM; 2015. p. 203–9.
[18] Aymerich FM, Fenu G, Surcis S. A real time financial system based on grid and cloud computing. In: Proceedings of the 2009 ACM symposium on applied computing, SAC’09. New York, NY, USA: ACM; 2009. p. 1219–20. doi:10.1145/1529282.1529555.
[19] Kotlar AV, Trevino CE, Zwick ME, Cutler DJ, Wingo TS. SeqAnt: cloud-based whole-genome annotation and search. In: Proceedings of the 8th ACM international conference on bioinformatics, computational biology, and health informatics, ACM-BCB’17. New York, NY, USA: ACM; 2017. p. 621.
[20] Fragouli C, Soljanin E. Network coding applications. Found Trends Netw 2008;2(2):135–269. doi:10.1561/1300000013.
[21] Ahlswede R, Cai N, Li SY, Yeung RW. Network information flow. IEEE Trans Inf Theory 2006;46(4):1204–16. doi:10.1109/18.850663.
[22] Zhang G, Xu Z. Combing CCN with network coding: an architectural perspective. Comput Netw 2016;94:219–30.
[23] Liu W, Yu S-Z, Tan G, Cai J. Information-centric networking with built-in network coding to achieve multisource transmission at network-layer. Comput Netw 2017;115:110–28.
[24] Sadjadpour HR. A new design for information centric networks. In: CISS. IEEE; 2014. p. 1–6.
[25] Liu Y, Yu SZ. Network coding-based multisource content delivery in content centric networking. J Netw Comput Appl 2016;64:167–75.
[26] Joy J, Yu Y-T, Gerla M, Gehani A, Lakhani H, Kim M. Energy efficient, context-aware cache coding for mobile information-centric networks. In: Proceedings of the 10th ACM international conference on distributed and event-based systems, DEBS’16. New York, NY, USA: ACM; 2016. p. 270–80. doi:10.1145/2933267.2940322.
[27] Fard PT, Leung VC. A content centric approach to dissemination of information in vehicular networks. In: Proceedings of the second ACM international symposium on design and analysis of intelligent vehicular networks and applications, DIVANet’12. New York, NY, USA: ACM; 2012. p. 17–24. doi:10.1145/2386958.2386962.
[28] Wang Q, Xie D, Ji X. Network codes-based content-centric transmission control in VANET. In: 2015 international conference on connected vehicles and expo (ICCVE); 2015. p. 157–62. doi:10.1109/ICCVE.2015.26.
[29] Anastasiades C, Thomos N, Striffeler A, Braun T. RC-NDN: raptor codes enabled named data networking. In: 2015 IEEE international conference on communications (ICC); 2015. p. 3026–32. doi:10.1109/ICC.2015.7248788.
[30] Parisis G, Sourlas V, Katsaros KV, Chai WK, Pavlou G. Enhancing multi-source content delivery in content-centric networks with fountain coding. In: Proceedings of the 1st workshop on content caching and delivery in wireless networks, CCDWN’16. New York, NY, USA: ACM; 2016. p. 4:1–4:7.
[31] Parisis G, Sourlas V, Katsaros KV, Chai WK, Pavlou G, Wakeman I. Efficient content delivery through fountain coding in opportunistic information-centric networks. Comput Commun 2017;100:118–28. doi:10.1016/j.comcom.2016.12.005.
[32] Shu Y, Dong M, Ota K, Wu J, Liao S. Binary Reed-Solomon coding based distributed storage scheme in information-centric fog networks. In: 2018 IEEE 23rd international workshop on computer aided modeling and design of communication links and networks (CAMAD); 2018. p. 1–5. doi:10.1109/CAMAD.2018.8514998.
[33] Bernardini C, Marchal S, Asghar MR, Crispo B. PrivICN: privacy-preserving content retrieval in information-centric networking. Comput Netw 2019;149:13–28. doi:10.1016/j.comnet.2018.11.012.
[34] Partridge C, Nelson S, Kong D. Realizing a virtual private network using named data networking. In: Proceedings of the 4th ACM conference on information-centric networking, ICN’17. New York, NY, USA: ACM; 2017. p. 156–62. doi:10.1145/3125719.3125720.
[35] Ghali C, Tsudik G, Wood CA. (The futility of) data privacy in content-centric networking. In: Proceedings of the 2016 ACM on workshop on privacy in the electronic society, WPES’16. New York, NY, USA: ACM; 2016. p. 143–52. doi:10.1145/2994620.2994639.
[36] Rezaeifar Z, Wang J, Oh H. A trust-based method for mitigating cache poisoning in name data networking. J Netw Comput Appl 2018;104:117–32. doi:10.1016/j.jnca.2017.12.013.
[37] Yu Y, Afanasyev A, Clark D, Claffy K, Jacobson V, Zhang L. Schematizing trust in named data networking. In: Proceedings of the 2nd ACM conference on information-centric networking, ACM-ICN’15. New York, NY, USA: ACM; 2015. p. 177–86. doi:10.1145/2810156.2810170.
[38] Mangili M, Martignon F, Paraboschi S. A cache-aware mechanism to enforce confidentiality, trackability and access policy evolution in content-centric networks. Comput Netw 2015;76:126–45. doi:10.1016/j.comnet.2014.11.010.
[39] Ghali C, Schlosberg MA, Tsudik G, Wood CA. Interest-based access control for content centric networks. In: Proceedings of the 2nd ACM conference on information-centric networking, ACM-ICN’15. New York, NY, USA: ACM; 2015. p. 147–56. doi:10.1145/2810156.2810174.
[40] Yu Y, Afanasyev A, Seedorf J, Zhang Z, Zhang L. NDN DeLorean: an authentication system for data archives in named data networking. In: Proceedings of the 4th ACM conference on information-centric networking, ICN’17. New York, NY, USA: ACM; 2017. p. 11–21. doi:10.1145/3125719.3125724.
[41] Li Q, Zhang X, Zheng Q, Sandhu R, Fu X. LIVE: lightweight integrity verification and content access control for named data networking. IEEE Trans Inf Forensics Secur 2015;10(2):308–20. doi:10.1109/TIFS.2014.2365742.
[42] Kim D, Nam S, Bi J, Yeom I. Efficient content verification in named data networking. In: Proceedings of the 2nd ACM conference on information-centric networking, ACM-ICN’15. New York, NY, USA: ACM; 2015. p. 109–16. doi:10.1145/2810156.2810165.
[43] Refaei T, Horvath M, Schumaker M, Hager C. Data authentication for NDN using hash chains. In: 2015 IEEE symposium on computers and communication (ISCC); 2015. p. 982–7. doi:10.1109/ISCC.2015.7405641.
[44] Yeung RW, Cai N. Network error correction, I: basic concepts and upper bounds. Commun Inf Syst 2006;6(1):19–35.
[45] Zhang Z. Network error correction coding in packetized networks. In: 2006 IEEE information theory workshop - ITW’06 Chengdu; 2006. p. 433–7. doi:10.1109/ITW2.2006.323836.
[46] Yu Z, Wei Y, Ramkumar B, Guan Y. An efficient signature-based scheme for securing network coding against pollution attacks. In: IEEE INFOCOM 2008 – The 27th conference on computer communications; 2008.
[47] Yun A, Cheon JH, Kim Y. On homomorphic signatures for network coding. IEEE Trans Comput 2010;59(9):1295–6. doi:10.1109/TC.2010.73.
[48] Johnson R, Molnar D, Song DX, Wagner D. Homomorphic signature schemes. In: Preneel B, editor. CT-RSA, vol. 2271 of lecture notes in computer science. Springer; 2002. p. 244–62.
[49] Dong J, Curtmola R, Nita-Rotaru C. Practical defenses against pollution attacks in intra-flow network coding for wireless mesh networks. In: Basin DA, Capkun S, Lee W, editors. WiSec. ACM; 2009. p. 111–22.
[50] Khan AS, Chatzigeorgiou I. Opportunistic relaying and random linear network coding for secure and reliable communication. Trans Wirel Commun 2018;17(1):223–34. doi:10.1109/TWC.2017.2764891.
[51] Chen J, He K, Du R, Zheng M, Xiang Y, Yuan Q. Dominating set and network coding-based routing in wireless mesh networks. IEEE Trans Parallel Distrib Syst 2015;26(2):423–33. doi:10.1109/TPDS.2013.303.
[52] Huang W, Ho T, Langberg M, Kliewer J. Single-unicast secure network coding and network error correction are as hard as multiple-unicast network coding. IEEE Trans Inf Theory 2018;64:4496–512.
[53] Xu R, Hui L, Zhang H. Reliable content delivery in lossy named data networks based on network coding. In: ICA3PP 2018, 18th international conference, Guangzhou, China, November 15–17, 2018, Proceedings, Part IV; 2018. p. 34–46. doi:10.1007/978-3-030-05063-4_4.
[54] Wu D, Xu Z, Chen B, Zhang Y. Towards access control for network coding-based named data networking. In: GLOBECOM 2017 – 2017 IEEE global communications conference; 2017. p. 1–6. doi:10.1109/GLOCOM.2017.8254005.
[55] Tan X, Ji L, Zhou Z, Yan P. Copyright protection scheme for information-centric networking base on the linear network coding. In: 2016 35th Chinese control conference (CCC); 2016. p. 6867–72. doi:10.1109/ChiCC.2016.7554438.
[56] Xu L, Li H, Hu J, Wang Y, Zhang H. An autonomous system based security mechanism for network coding applications in content-centric networking. In: Bouzefrane S, Banerjee S, Sailhan F, Boumerdassi S, Renault E, editors. Mobile, secure, and programmable networking. Cham: Springer International Publishing; 2017. p. 34–48.