The Internet model has changed from its first design, rolling from host-centric to information-centric. Consequently, researchers foresee the urge for a new network paradigm that will be more suitable for the need of nowadays users. Named-Data Networking (NDN) adheres to the Information-Centric Networking (ICN) paradigms that have been proposed as possible current Internet substitutes. New proposals concerning NDN-related challenges are released regularly. However, most of these proposals are evaluated using network simulations or theoretical analysis due to lacking a full-stack NDN testbed. Although valid, research has shown that simulation environments or proposed overlay testbeds disturb the experiments and introduce performance mismatches. Motivated by the shreds of evidence mentioned above, we propose a setup of an NDN testbed composed of Raspberry Pi devices. After that, we conduct performance analysis for crucial NDN features such as name-based forwarding, in-network caching, and data packet signing. Our experiments confirm the benefits of enabling caches in intermediate nodes. Furthermore, we compare different signing algorithms based on the producer’s goodput and processing time. Indeed, SHA-256 is confirmed as the most lightweight with 103 Mpbs goodput and 130 μs processing time. Nevertheless, a security and performance trade-off must be met. On the other hand, as research has demonstrated, such features can be exploited to compromise users’ privacy and degrade the network’s performance. Additionally, the attack performance might change while implemented in a real deployment. To validate such effects, we transfer two state-of-the-art privacy attacks from a simulation domain to a physical environment, i.e., our testbed. While one of the transferred attacks preserves the preciseness on the testbed, the other demonstrates result mismatches.
2022, Proceedings of the 17th International Conference on Availability, Reliability and Security, Pages 1-9
Sim2Testbed Transfer: NDN Performance Evaluation (02a Capitolo o Articolo)
Bardhi E., Conti M., Lazzeretti R., Losiouk E., Taffal A.
Gruppo di ricerca: Cybersecurity