ACM ICN 2021, Paris, France

8th ACM Conference on Information-Centric Networking (ICN 2021), Sept. 22–24, 2021

List of Accepted Papers

  • YaNFD: Yet another Named Data Networking Forwarding Daemon

    Eric Newberry (UCLA), Xinyu Ma (UCLA), Lixia Zhang (UCLA)

    • Abstract:

      We have developed YaNFD as a new software packet forwarder for NDN. YaNFD achieves compatibility with existing NDN applications and forwarders, as well as high throughput. YaNFD features multi-threaded forwarding, a smaller and more streamlined codebase compared to existing implementations, and can be managed using existing NDN forwarder management utilities and protocols. In this paper, we discuss our implementation, including how it differs from previous forwarders based upon lessons learned during their development and use over the span of multiple years. Additionally, we present the lessons learned from our experience developing a new forwarder for NDN from the ground up.


  • NDN in Large LEO Satellite Constellations: A Case of Consumer Mobility Support

    Teng Liang (Peng Cheng Laboratory), Zhongda Xia (Harbin Institute of Technology), Guoming Tang (Peng Cheng Laboratory), Yu Zhang (Harbin Institute of Technology), Beichuan Zhang (University of Arizona)

    • Abstract:

      Large low Earth orbit (LEO) satellite constellations are intended to provide global low-latency high-bandwidth Internet connectivity. Due to their large scale and high mobility nature, networking is a big challenge. In this paper, we investigate applying Named Data Networking (NDN) to this scenario. Specifically, we discuss that NDN's architectural benefits, such as adaptive forwarding, in-network caching, off-the-grid communication, data mule service, in-network/edge computing, mobility support, and data-centric security, make it a promising candidate. Moreover, we focus on studying NDN's consumer mobility support. Specifically, NDN's in-network Interest retransmission can quickly react to satellite handovers. However, we make an observation that Interest routing paths before and after satellite handover may not overlap, hence underusing NDN's in-network caching. Therefore, we direct retransmitted Interests due to handovers to the previous connected satellite via forwarding hint. Simulation results show that the studied approaches can decently improve the consumers' performance and reduce the network traffic, achieving better consumer mobility support.


  • NDN-MPS: Supporting Multiparty Authentication over Named Data Networking

    Zhiyi Zhang (UCLA), Siqi Liu (UCLA), Randy King (Operant Networks), Lixia Zhang (UCLA)

    • Abstract:

      Modern digitally controlled systems require multiparty authentication to meet the security requirements. This paper describes the design and development of NDN-MPS, an automated solution to support multiparty signing and verification for NDN-enabled applications. NDN-MPS proposes three basic changes to the existing NDN security solutions. First, it introduces a new type of trust schema that supports the semantics for multiparty singing and verification. Second, it extends the NDN signing process design to accommodate multisignature schemes such as BLS signature and to ensure the data consistency across signers. Third, NDN-MPS provides options for different application scenarios to coordinate the joint signing process of multiple signers. We evaluate NDN-MPS by assessing its security properties and measuring its performance. Our results show that NDN-MPS provides resistance against different types of attacks and is practical to be deployed.


  • Trust Schemas and ICN: Key to Secure Home IoT

    Kathleen Nichols (Pollere, Inc.)

    • Abstract:

      Home and business internet of things (IoT) networking presents security challenges that can be addressed using information-centric networking (ICN) to secure information rather than channels. In particular, we leverage ICN's per-packet signing, combined with recent innovations in trust schemas, to construct a strong trust zone. This architecture creates domains governed by a secured trust schema provided to every device during its enrollment together with the device's attribute-based signing cert chain(s). Applications don't need to be rewritten to gain security; a run-time library with an MQTT-like publish/subscribe API uses the provisioned trust schema and certs to construct, sign and ship outgoing publications and to both cryptographically and structurally validate a subscriber's incoming publications. This unique application of trust schemas (Versec) is explained and an example home IoT framework is described where trust schemas express straightforward, homeowner-specific policies that an open-source library enforces at run-time on behalf of security-agnostic applications. Along with the specific innovation in trust management, the platform exploits current and emergent IoT best practices. Utility programs, libraries, and examples are available as an open-source Data-Centric Toolkit.


  • Vision: Toward 10 Tbps NDN Forwarding with Billion Prefixes by Programmable Switches

    Junji Takemasa (Osaka Univeristy), Yuki Koizumi (Osaka University), Toru Hasegawa (Osaka University)

    • Abstract:

      This paper designs a Named Data Networking (NDN) router architecture that leverages switching speed of a programmable switch and a large capacity of DRAM devices of commodity servers. The key idea is that Data packets are forwarded by a switch ASIC alone, whereas Interest packets are forwarded by an NDN forwarding engine at a server. This paper validates that the architecture is able to achieve the 10-Tbps throughput of Data packets by analyzing bottlenecks for high-speed forwarding. The prototype implementation with a Tofino switch and a commodity server demonstrates about 470 Gbps throughput when using a single pipeline of its switch ASIC.


  • Reliable Firmware Updates for the Information-Centric Internet of Things

    Cenk Gündoğan (HAW Hamburg), Christian Amsüss, Thomas C. Schmidt (HAW Hamburg), Matthias Wählisch (FU Berlin)

    • Abstract:

      Security in the Internet of Things (IoT) requires ways to regularly update firmware in the field. These demands ever increase with new, agile concepts such as security as code and should be considered a regular operation. Hosting massive firmware roll-outs present a crucial challenge for the constrained wireless environment. In this paper, we explore how information-centric networking can ease reliable firmware updates. We start from the recent standards developed by the IETF SUIT working group and contribute a system that allows for a timely discovery of new firmware versions by using cryptographically protected manifest files. Our design enables a cascading firmware roll-out from a gateway towards leaf nodes in a low-power multi-hop network. While a chunking mechanism prepares firmware images for typically low-sized maximum transmission units (MTUs), an early Denial-of-Service (DoS) detection prevents the distribution of tampered or malformed chunks. In experimental evaluations on a real-world IoT testbed, we demonstrate feasible strategies with adaptive bandwidth consumption and a high resilience to connectivity loss when replicating firmware images into the IoT edge.


  • Vision: Information-Centric Dataflow – Re-Imagining Reactive Distributed Computing

    Dirk Kutscher (University of Applied Sciences Emden), Laura Al Wardani (University of Applied Sciences Emden), T M Rayhan Gias (University of Applied Sciences Emden)

    • Abstract:

      This paper describes an Information-Centric Dataflow system that is based on name-based access to computation results, NDN PSync dataset synchronization for enabling consuming compute functions to learn about updates and for coordinating the set of compute functions in a distributed Dataflow pipeline. We describe how relevant Dataflow concepts can be mapped to ICN and how data-sharing, data availability and scalability can be improved compared to state-of-the-art systems. We also provide a specification of an application-independent namespace design and report on our experience with a first prototype implementation.


  • LPECN: Leveraging PIT placement and Explicit marking for Congestion control in NDN

    Madhurima Buragohain (Indian Institute of Technology Guwahati), Sukumar Nandi (Indian Institute of Technology Guwahati)

    • Abstract:

      Named Data Networking (NDN) is designed to address several limitations of the current Internet, such as inefficient content delivery, mobility and security. Pending Interest Table (PIT) is one of the fundamental building blocks in NDN. Its unique design contributes various advantages such as stateful forwarding plane, loop detection, similar request aggregation, multipath forwarding and multicast. However, PIT size may become a bottleneck in network performance in the presence of bursty traffic or unresponsive consumers. Therefore, we propose a congestion control scheme that leverages PIT placement and explicit congestion marking. We have used PIT per outgoing face placement to efficiently limit the Interest sending rate according to the available capacity of the link, which can avoid congestion in the reverse path. In addition that, we utilize Negative Acknowledgement and explicit congestion marking to efficiently detect and limit interests from non-responsive consumers. From the simulation result, we have shown that our proposed scheme can efficiently handle congestion even in the presence of non-responsive consumers.


  • High Performance Adaptive Video Streaming using NDN WLAN Multicast

    Wang Yang (Central South University, China), Fan Wu (Tsinghua University, China), Kaijin Tian (Central South University, China)

    • Abstract:

      Multicast is a promising technology for rapidly-increasing video streaming in Wireless Local Area Networks (WLAN). NDN's implicit multicast and caching capabilities provide strong benefits in multicast transmission and can significantly improve network transmission efficiency. However, existing WLAN multicast schemes use the basic data rate to transmit the multicast data. The basic data rate cannot support high-quality video transmission, which significantly reduces the user's Quality of Experience (QoE). In addition, the NDN architecture follows the One-Interest-One-Data transmission principle, so that the uplink will have to face fierce competition, especially when the number of stations has increased significantly. In this paper, we propose HPNM, a High Performance adaptive video streaming scheme by using NDN WLAN Multicast. To improve the Interest sending efficiency in the NDN Live video scenario, we propose an AP(Access Point)-based Interest proxy mechanism that mitigates WLAN channel competition as the number of Interest sending packets increases. In addition, we propose a layer-based NDN WLAN multicast data rate selection mechanism for the adaptive Scalable Video Coding (SVC) video streaming, which can further improve the video bitrate. We use ndnSIM to evaluate the performance of HPNM in terms of video bitrate, startup time, and stalling time. The evaluation results show that the average video bitrate of HPNM has increased significantly compared with the existing scheme in the background traffic scenario.


  • FLARE: Federated Active Learning Assisted by Naming for Responding to Emergencies

    Viyom Mittal (University of California, Riverside), Mohammad Jahanian (University of California, Riverside), K. K. Ramakrishnan (University of California, Riverside)

    • Abstract:

      During disasters, it is critical to deliver emergency information to appropriate first responders. Name-based information delivery provides efficient, timely dissemination of relevant content to first responder teams assigned to different incident response roles. People increasingly depend on social media for communicating vital information, using free-form text. Thus, a method that delivers these social media posts to the right first responders can significantly improve outcomes. In this paper, we propose FLARE, a framework using 'Social Media Engines' (SMEs) to map social media posts (SMPs), such as tweets, to the right names. SMEs perform natural language processing-based classification and exploit several machine learning capabilities, in an online real-time manner. To reduce the manual labeling effort required for learning during the disaster, we leverage active learning, complemented by dispatchers with specific domain-knowledge performing limited labeling. We also leverage federated learning across various public-safety departments with specialized knowledge to handle notifications related to their roles in a cooperative manner. We implement three different classifiers: for incident relevance, organization, and fine-grained role prediction. Each class is associated with a specific subset of the namespace graph. The novelty of our system is the integration of the namespace with federated active learning and inference procedures to identify and deliver vital SMPs to the right first responders in a distributed multi-organization environment, in real-time. Our experiments using real-world data, including tweets generated by citizens during the wildfires in California in 2018, show our approach outperforming both a simple keyword-based classification and several existing NLP-based classification techniques.


  • Analyzing GDPR Compliance of Named Data Networking

    Casey Tran (New Mexico State University), Reza Tourani (Saint Louis University), Satyajayant Misra (New Mexico State University), Travis Machacek (New Mexico State University), Gaurav Panwar (New Mexico State University)

    • Abstract:

      The popularity of social media platforms, Internet of Things (IoT) devices, and the myriad smartphone applications have created opportunities for companies and organizations to collect individuals' personal data and monetize its sharing at a high rate. A standout example was the Facebook--Cambridge Analytica data-sharing arrangement (2018), which allowed Cambridge Analytica to harvest millions of Facebook users' personal data without their consent for political advertisement. In response to such overreach and privacy violations, the European Union introduced the General Data Protection Regulation (GDPR), which mandates data collectors to protect individuals' data privacy and provide the user more control over their personal data. Motivated by this growing interest in personal privacy, we analyze GDPR articles in the context of Named Data Networking (NDN). The context of interest is NDN as the network architecture in a service provider and we investigate GDPR-pertinent NDN features, including naming, caching, forwarding plane, and its built-in trust, for GDPR compliance and present insights on how such compliance can be built, when lacking. We also present experimental results showing compliance overheads and conclude by identifying potential future work.