Mitigating Time-Constrained Stolen-Credentials Content Poisoning in an NDN Setting

NDN is a content-centric networking architecture using globally addressable information objects, created by publishers and cached by network nodes to be later accessed by subscribers. Content poisoning attacks consist in the substitution b an intruder publisher of bogus objects for genuine ones created by an honest publisher. With valid credentials stolen from an honest publisher, such attacks seem unstoppable unless object recipients can afford costly object examination. We argue that limited-time validity of stolen credentials gives rise to a mitigation scheme that does without such examination; instead, propagation of trust in an object is carefully designed. We formulate NDN, trust, and intruder models, and specify the mitigation scheme as a Markovian infection process on a graph, whose desirable properties we establish. We validate through simulations that bogus and genuine objects can be distinguished in a probabilistic sense, and evaluate several introduced measures of interest.