Information-Centric Networking (ICN) is an internetworking paradigm that offers an alternative to the current IP-based Internet architecture. ICN's most distinguishing feature is its emphasis on information (content) instead of communication endpoints. One important open issue in ICN is whether negative acknowledgments (NACKs) at the network layer are useful for notifying downstream nodes about forwarding failures, or requests for incorrect or non-existent information. In benign settings, NACKs are beneficial for ICN architectures, such as CCNx and NDN, since they flush state in routers and notify consumers. In terms of security, NACKs seem useful as they can help mitigate so-called Interest Flooding attacks. However, as we show in this paper, network-layer NACKs also have some unpleasant security implications. We consider several types of NACKs and discuss their security design requirements and implications. We also demonstrate that providing secure NACKs triggers the threat of producer-bound flooding attacks. Although we discuss some potential countermeasures to these attacks, the main conclusion of this paper is that network-layer NACKs are best avoided, at least for security reasons.