{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T12:40:24Z","timestamp":1775047224317,"version":"3.50.1"},"reference-count":41,"publisher":"MDPI AG","issue":"8","license":[{"start":{"date-parts":[[2022,4,16]],"date-time":"2022-04-16T00:00:00Z","timestamp":1650067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100001871","name":"Funda\u00e7\u00e3o para a Ci\u00eancia e Tecnologia","doi-asserted-by":"publisher","award":["UIDB\/00319\/2020"],"award-info":[{"award-number":["UIDB\/00319\/2020"]}],"id":[{"id":"10.13039\/501100001871","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Electronics"],"abstract":"One key feature of named data networks (NDN) is supporting in-network caching to increase the content distribution for today\u2019s Internet needs. However, previously cached contents may be threatened by side-channel timing measurements\/attacks. For example, one adversary can identify previously cached contents by distinguishing between uncached and cached contents from the in-network caching node, namely the edge NDN router. The attacks can be mitigated by the previously proposed methods effectively. However, these countermeasures may be against the NDN paradigm, affecting the content distribution performance. This work studied the side-channel timing attack on streaming over NDN applications and proposed a capable approach to mitigate it. Firstly, a recent side-channel timing attack, designated by brute-force, was implemented on ndnSIM using the AT&T network topology. Then, a multi-level countermeasure method, designated by detection and defense (DaD), is proposed to mitigate this attack. Simulation results showed that DaD distinguishes between legitimate and adversary nodes. During the attack, the proposed DaD multi-level approach achieved the minimum cache hit ratio (\u22480.7%) compared to traditional countermeasures (\u22484.1% in probabilistic and \u22483.7% in freshness) without compromising legitimate requests.<\/jats:p>","DOI":"10.3390\/electronics11081265","type":"journal-article","created":{"date-parts":[[2022,4,16]],"date-time":"2022-04-16T07:42:41Z","timestamp":1650094961000},"page":"1265","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["A Countermeasure Approach for Brute-Force Timing Attacks on Cache Privacy in Named Data Networking Architectures"],"prefix":"10.3390","volume":"11","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-7285-414X","authenticated-orcid":false,"given":"Ertugrul","family":"Dogruluk","sequence":"first","affiliation":[{"name":"CEiiA Centro de Engenharia e Desenvolvimento de Produto, 4450-017 Matosinhos, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5892-1289","authenticated-orcid":false,"given":"Joaquim","family":"Macedo","sequence":"additional","affiliation":[{"name":"Centro Algoritmi, Department of Informatics, University of Minho, 4710-057 Braga, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0691-1377","authenticated-orcid":false,"given":"Antonio","family":"Costa","sequence":"additional","affiliation":[{"name":"Centro Algoritmi, Department of Informatics, University of Minho, 4710-057 Braga, Portugal"}]}],"member":"1968","published-online":{"date-parts":[[2022,4,16]]},"reference":[{"key":"ref_1","unstructured":"Zhang, L., Estrin, D., Burke, J., Jacobson, V., Thornton, J.D., Smetters, D.K., Zhang, B., Tsudik, G., Massey, D., and Papadopoulos, C. (2010). Named Data Networking (NDN) Project, Available online: https:\/\/named-data.net\/wp-content\/uploads\/TR001ndn-proj.pdf."},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Acs, G., Conti, M., Gasti, P., Ghali, C., and Tsudik, G. (2013, January 8\u201311). Cache privacy in named-data networking. Proceedings of the International Conference on Distributed Computing Systems, Philadelphia, PA, USA.","DOI":"10.1109\/ICDCS.2013.12"},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"675","DOI":"10.1109\/TDSC.2014.2382592","article-title":"Timing Attacks on Access Privacy in Information Centric Networks and Countermeasures","volume":"12","author":"Mohaisen","year":"2015","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"13","DOI":"10.1016\/j.comnet.2018.11.012","article-title":"PrivICN: Privacy-preserving content retrieval in information-centric networking","volume":"149","author":"Bernardini","year":"2019","journal-title":"Comput. Netw."},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Felten, E.W., and Schneider, M.A. (2000, January 1\u20134). Timing attacks on Web privacy. Proceedings of the 7th ACM conference on Computer and Communications Security\u2014CCS \u201900, Athens, Greece.","DOI":"10.1145\/352600.352606"},{"key":"ref_6","unstructured":"DiBenedetto, S., Gasti, P., Tsudik, G., and Uzun, E. (2011, January 6\u20139). ANDaNA: Anonymous Named Data Networking Application. Proceedings of the Network and Distributed System Security Symposium, San Diego, CA, USA."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Bortz, A., and Boneh, D. (2007, January 8\u201312). Exposing private information by timing web applications. Proceedings of the 16th International Conference on World Wide Web\u2014WWW \u201907, Banff, AB, Canada.","DOI":"10.1145\/1242572.1242656"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/1455526.1455530","article-title":"Opportunities and Limits of Remote Timing Attacks","volume":"12","author":"Crosby","year":"2009","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"ref_9","unstructured":"Bernstein, D.J. (2022, April 12). Cache-Timing Attacks on AES. Available online: https:\/\/cr.yp.to\/antiforgery\/cachetiming-20050414.pdf."},{"key":"ref_10","first-page":"26","article-title":"Privacy in Content-Oriented Networking: Threats and Countermeasures","volume":"43","author":"Chaabane","year":"2012","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"ref_11","unstructured":"Schinzel, S. (2011, January 14). An Efficient Mitigation Method for Timing Side Channels on the Web. Proceedings of the 2nd International Workshop on Constructive Side-Channel Analysis and Secure Design (COSADE), Darmstadt, Germany."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"126","DOI":"10.1016\/j.comnet.2014.11.010","article-title":"A cache-aware mechanism to enforce confidentiality, trackability and access policy evolution in Content-Centric Networks","volume":"76","author":"Mangili","year":"2015","journal-title":"Comput. Netw."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"4374","DOI":"10.1109\/ACCESS.2016.2596705","article-title":"A Survey on Future Internet Security Architectures","volume":"4","author":"Ding","year":"2016","journal-title":"IEEE Access"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"66","DOI":"10.1145\/2656877.2656887","article-title":"Named Data Networking","volume":"44","author":"Zhang","year":"2014","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"ref_15","first-page":"1","article-title":"Networking Named Content","volume":"Volume 30","author":"Jacobson","year":"2009","journal-title":"Proceedings of the 5th International Conference on Emerging Networking Experiments and Technologies\u2014CoNEXT \u201909"},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Herouala, A.T., Kerrache, C.A., Ziani, B., Calafate, C.T., Lagraa, N., and Tahari, A.E.K. (2022). Controlling the Trade-Off between Resource Efficiency and User Satisfaction in NDNs Based on Na\u00efve Bayes Data Classification and Lagrange Method. Future Internet, 14.","DOI":"10.3390\/fi14020048"},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Herouala, A.T., Ziani, B., Kerrache, C.A., el Karim Tahari, A., Lagraa, N., and Mastorakis, S. (2022). CaDaCa: A new caching strategy in NDN using data categorization. Multimed. Syst.","DOI":"10.1007\/s00530-022-00904-y"},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"62","DOI":"10.1145\/2317307.2317319","article-title":"Adaptive forwarding in named data networking","volume":"42","author":"Yi","year":"2012","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"ref_19","unstructured":"Afanasyev, A., Shi, J., Zhang, B., Zhang, L., Moiseenko, I., Afanasyev, A., Shi, J., Yu, Y., Shang, W., and Li, Y. NFD Developer\u2019s Guide; Technical Report; NDN-0021; 2018, Available online: https:\/\/www.researchgate.net\/publication\/325670481_NFD_Developer%27s_Guide?channel=doi&linkId=5b1cb0d30f7e9b68b42b0ba4&showFulltext=true."},{"key":"ref_20","unstructured":"Kulinski, D., and Burke, J. NDNVideo: Live and Pre-Recorded Streaming Using NDN, Available online: https:\/\/named-data.net\/publications\/techreports\/trstreaming\/."},{"key":"ref_21","unstructured":"Gusev, P., and Burke, J. (October, January 30). NDN-RTC: Real-Time Videoconferencing over Named Data Networking. Proceedings of the 2nd International Conference on Information-Centric Networking\u2014ICN \u201915, San Francisco, CA, USA."},{"key":"ref_22","unstructured":"Wang, L. NDNlive and NDNtube: Live and Prerecorded Video Streaming over NDN, Available online: https:\/\/named-data.net\/publications\/techreports\/ndn-0031-1-ndnlive-ndntube\/."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"974","DOI":"10.1587\/transcom.2015AMI0002","article-title":"Real-Time Streaming Data Delivery over Named Data Networking","volume":"E99.B","author":"Gusev","year":"2016","journal-title":"IEICE Trans. Commun."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Zhu, Z., Wang, S., Yang, X., Jacobson, V., and Zhang, L. (2011, January 19). ACT: Audio Conference Tool Over Named Data Networking. Proceedings of the ACM SIGCOMM Workshop on Information-Centric Networking, Toronto, ON, Canada.","DOI":"10.1145\/2018584.2018601"},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Handley, M., Jacobson, V., and Perkins, C. (2006). SDP: Session Description Protocol, The Internet Society. RFC 4566; Technical Report.","DOI":"10.17487\/rfc4566"},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Mastorakis, S., Gusev, P., Afanasyev, A., and Zhang, L. (2018, January 15\u201317). Real-Time Data Retrieval in Named Data Networking. Proceedings of the 2018 1st IEEE International Conference on Hot Information-Centric Networking (HotICN), Shenzhen, China.","DOI":"10.1109\/HOTICN.2018.8605992"},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"1418","DOI":"10.1109\/COMST.2018.2798280","article-title":"Security and Privacy Analysis of National Science Foundation Future Internet Architectures","volume":"20","author":"Ambrosin","year":"2018","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Compagno, A., Conti, M., Losiouk, E., Tsudik, G., and Valle, S. (2020, January 20\u201324). A Proactive Cache Privacy Attack on NDN. Proceedings of the NOMS 2020\u20142020 IEEE\/IFIP Network Operations and Management Symposium, Budapest, Hungary.","DOI":"10.1109\/NOMS47738.2020.9110318"},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Kocher, P.C. (1996). Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems, Springer.","DOI":"10.1007\/3-540-68697-5_9"},{"key":"ref_30","unstructured":"(2010). Tobias Lauinger. Security & Scalability of Content-Centric Networking. [Master\u2019s Thesis, Eur\u00e9com]."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"54","DOI":"10.1145\/2378956.2378966","article-title":"Privacy risks in named data networking: What is the cost of performance?","volume":"42","author":"Lauinger","year":"2012","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"ref_32","unstructured":"Lauinger, T., Laoutaris, N., Rodriguez, P., Strufe, T., Biersack, E., and Kirda, E. (2012). Privacy Implications of Ubiquitous Caching in Named Data Networking Architectures, Available online: http:\/\/citeseerx.ist.psu.edu\/viewdoc\/download?doi=10.1.1.259.4413&rep=rep1&type=pdf."},{"key":"ref_33","unstructured":"(2019). Compound Popular Content Caching Strategy in Named Data Networking. Electronics, 8."},{"key":"ref_34","unstructured":"Douglas, E. (2000). Comer. Internetworking with TCP\/IP, Prentice-Hall."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"33","DOI":"10.1007\/978-3-319-94421-0_3","article-title":"Identifying Previously Requested Content by Side-Channel Timing Attack in NDN","volume":"Volume 878","author":"Dogruluk","year":"2018","journal-title":"Communications in Computer and Information Science"},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Dogruluk, E., Costa, A., and Macedo, J. (2019, January 24\u201326). A Detection and Defense Approach for Content Privacy in Named Data Network. Proceedings of the 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS), Canary Islands, Spain.","DOI":"10.1109\/NTMS.2019.8763835"},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"795","DOI":"10.1109\/TVT.2017.2748345","article-title":"Detecting flooding attack and accommodating burst traffic in delay-tolerant networks","volume":"67","author":"Pham","year":"2018","journal-title":"IEEE Trans. Veh. Technol."},{"key":"ref_38","doi-asserted-by":"crossref","first-page":"145803","DOI":"10.1109\/ACCESS.2020.3014898","article-title":"Public Key Certificate Privacy in VoNDN: Voice Over Named Data Networks","volume":"8","author":"Dogruluk","year":"2020","journal-title":"IEEE Access"},{"key":"ref_39","first-page":"243","article-title":"Violating Consumer Anonymity: Geo-Locating Nodes in Named Data Networking","volume":"Volume 9092","author":"Compagno","year":"2015","journal-title":"Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)"},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Psaras, I., Chai, W.K., and Pavlou, G. (2012, January 17). Probabilistic in-network caching for information-centric networks. Proceedings of the Second Edition of the ICN Workshop on Information-Centric Networking\u2014ICN \u201912, Helsinki, Finland.","DOI":"10.1145\/2342488.2342501"},{"key":"ref_41","unstructured":"Mastorakis, S., Afanasyev, A., Moiseenko, I., and Zhang, L. (2016). ndnSIM 2: An Updated NDN Simulator for NS-3, Available online: https:\/\/named-data.net\/publications\/techreports\/ndn-0028-2-ndnsim-v2\/."}],"container-title":["Electronics"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2079-9292\/11\/8\/1265\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T22:55:23Z","timestamp":1760136923000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2079-9292\/11\/8\/1265"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,4,16]]},"references-count":41,"journal-issue":{"issue":"8","published-online":{"date-parts":[[2022,4]]}},"alternative-id":["electronics11081265"],"URL":"https:\/\/doi.org\/10.3390\/electronics11081265","relation":{},"ISSN":["2079-9292"],"issn-type":[{"value":"2079-9292","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,4,16]]}}}