Violating consumer anonymity: Geo-locating nodes in named data networking


Named Data Networking (NDN) is an information-centric network architecture designed as a candidate replacement for the current IP-based Internet. It emphasizes efficient content distribution, achieved via in-network caching and collapsing of closely-spaced content requests. NDN also offers strong security and explicitly decouples content from entities that distribute it. NDN is widely assumed to provide better privacy than IP due to the former’s lack of source and destination addresses. In this paper, we show that this assumption does not hold in practice. In particular, we present several algorithms that help locate consumers within the network by leveraging NDN router-side content caching. We use simulations to evaluate these algorithms on large and realistic topologies, and we validate our results on the official NDN testbed. Our techniques can be used not only to identify consumers, but also to detect eavesdroppers.

International Conference on Applied Cryptography and Network Security (ACNS)