Network Security

Although the Internet has become a pervasive social infrastructure that is indispensable to people’s lives, various security issues have arisen, including cyber attacks that malfunction specific Web servers and cache servers, and the theft of privacy information such as highly confidential personal data.

Therefore, we are conducting research on network security technologies to enable people to use network services safely and comfortably, focusing on the following themes.

Prevention Techniques for Cache Contamination Attack

In order to provide comfortable web browsing and video streaming services, cache distribution is widely used, where cache servers are installed at various locations on the network, and data is distributed from cache servers located near the user.

To increase the effectiveness of caching, popular content is prioritized for storage on cache servers. However, the problem of cache pollution attacks, in which malicious users intentionally make numerous requests for low-popular content, thereby reducing the effectiveness of caching, has been pointed out.

Moreover, in Information-Centric Networks (ICNs), which are expected to be the network of the future, everyone can upload content over the network, so the problem of content poisoning attacks reducing the effect of caches by injecting meaningless contents into routers’ caches has been identified.

To this end, we are investigating low-cost detection and prevention techniques for cache contamination attacks using the blockchain and probabilistic data structures such as the Bloom filter.

Prevention Techniques for Crossfire Attack

The threat of crossfire attacks that disrupt the services of servers in the attack area by injecting attack traffic into links that connect to specific areas of the network and overloading them has been pointed out.

To prevent crossfire attack, we have focused on the behavior of attackers who send traceroute messages to many servers in the attack area from many bots in the preparation stage of crossfire attacks and investigated method of detecting crossfire attack based on the interval of traceroute messages.

Access Control of Information-Centric Networking

For content with a limited number of users, such as paid content, access control is required to determine whether or not request can be accepted. In the Internet, delivery requests always reach servers of content providers, so access control is possible at servers of content providers. However, in the Information-Centric Networking (ICN), content is cached and delivered from routers, so content requests do not always reach content providers, so access control is difficult in ICN.

To this end, we are investigating access control schemes in ICN that combine public-key cryptography and symmetric-key cryptography.

Prevention Techniques for Data Poisoning Attack in Crowdsensing

Crowdsensing, which utilizes mobile devices such as smartphones as sensor devices to infer the true values of various environmental data, is attracting attention. However, since the true values are estimated from the reported values of an unspecified number of users, the problem of data poisoning attacks has been pointed out, where attackers intentionally report false data, to degrade the accuracy of the true value estimation.

Therefore, our laboratory is working on schemes of data poisoning attack in crowdsensing and defense techniques agaist them.

Information Management Techniques Using Blockchain

Although a huge amount of data is managed at a centralized single location traditionally, vulnerability to failure and attack is an issue. Using distributed management techniques that manage data in multiple locations solves these issues. However, security risks such as data tampering and unauthorized access will increase.

Therefore, blockchain is attracting attention as a distributed data management technology that is difficult to tamper with. Our laboratory is conducting research on the use of blockchain to manage personal and other information that can be made public.