- Internet architectures are becoming outdated, leaving us at risk
- NSF has been investing in future internet research for over a decade
- Information-centric networking (ICN) offers speed and safety from cyberattacks
“If you look at the operational aspects of the internet, it’s really a mess.”
So says Matthias Wählisch, an assistant professor at Freie Universität Berlin. Wählisch is at the forefront of a group of network engineers tinkering with alternative internet architectures, thinking about what the future of the internet might look like.
Today’s internet operates under an end-to end, host-centric paradigm. At one end is you, with your specific digital address, calling out from your laptop in your pajamas for someone at the other end to send you some digital goodies.
Your new friend hears your call, ties her info into a neat little package (image, webpage, video), and sends it back to you in a second, thanks to the magic of the interwebs.
But if you were so inclined, you could send multiple requests to that end host, or worse yet, link up with other like-minded internet ne’er-do-wells to send even more requests and clog up the end host’s ability to send these neat little packages back to those waiting patiently in their pajamas.
These denial of service (DoS) attacks (or distributed denial of service (DDoS) if orchestrated from multiple locations) are a common way bad actors can harm internet end hosts.
Why are these attacks possible, and what can be done about them?
Wählisch explains that the original architects of the internet built its protocols with the ideal of a free flow of information. Today’s internet is something entirely different than these free-thinkers envisioned.
We send and receive videos, chats, images, and datasets of all kinds with little concern about their physical location. Who cares where the Sad Cat Diary resides, anyway? Just get me that video, and fast!
But bad actors can bombard that end host with DDOS attacks, bringing our enjoyment of the benighted felines to a halt.
But there are other ways to organize the internet that could alleviate these troubles. Wählisch points to ICN, or information-centric networking, a new internet paradigm that holds a lot of promise.
We need to change something significantly — it’s clear that the internet will not survive through tweaking. ~Matthias Wählisch
Recognizing the need for alternative internet architectures, the US National Science Foundation (NSF) has been working for the past decade to foster the research that will lead to an internet that meets contemporary use demands.
“The NSF has noted the increasing challenges faced by the internet because of extreme growth, complexity, and societal importance,” explains Darleen Fisher, program director for the NSF’s Networking Technology and Systems (NeTS).
“Information-centric networking holds promise for use first by contained entities – scientific communities, Internet of Things (IoT), a home, or factory – and then perhaps will have wider adoption as they continue to develop its potential,” she says.
Over the last ten years, the NSF has invested about $50 million toward future internet architectures. The NSF’s ICN-related efforts, particularly the Named-Data Networking (NDN) initiative, have been promising. Led by principal investigator Lixia Zhang, NDN currently enjoys a $2.5 million testbed from the NSF.
ICN opts for a data-oriented focus instead of prioritizing the host and connections to that host. Distribution of content is the first aim for ICN, and in doing so it removes the threat of DDOS attacks since sending unsolicited data to a host would be a thing of the past.
In an ICN architecture, named packets of data are the focus, and the security signatures are built into the objects of interest. Instead of securing the connection between you and the originator, cybersecurity would reside in the data requested.
“With ICN, we do not have any more of this end-to-end communication, but we just access data,” says Wählisch. “The network is no longer searching a path to a node based on an end-user IP address, but to a name.”
In addition to the built-in security that comes with an ICN-style architecture, it promises to accelerate your data requests.
“One advantage in ICN is in networking caching which is natively provided, which means the network distributes content in a clever way so that you get the content much faster compared with a single service provider,” Wählisch says.
Internet, part deux
Let’s return to our original pajama party, where you’ve expressed your interest in watching Henri.
With the current internet mode, if Henri lives in the next town over, the transfer will probably run smoothly and quickly, constrained by little more than the laws of physics. If he lives across the ocean, it will take a little more time. And the larger the size of that information you’ve requested, then the longer it can take.
Rather than running repeatedly to the end host to gather the goods, ICN routes information based on names of content. So instead of you pestering the end host across the ocean, with ICN, you express your interest, and the network finds Henri already somewhere near you and then delivers him to your digital doorstep.
This of course would have tremendous advantages for end users. If your research team needs to comb through some Dark Energy Survey data gathered by the Blanco telescope high in the Chilean Andes, this large dataset need not stream over and over again from Chile to Champaign to your chalet in cheery California.
Some of these datasets, of course, are quite large, and can be corrupted when the data stream is hampered by dropped packets, firewalls, and the like.
Instead, an ICN-style internet will grab the content for you in Berkeley where your colleagues had downloaded it yesterday. Safer, faster, better.
ICN has a while to go before it replaces the now 30-year-old protocols powering the internet. Tests are implemented in an overlay fashion and require substantial infrastructure support, which acts as a barrier to entry for large scale deployments, notes John Hicks, network research engineer at Internet2.
“There are several ICN testbeds around the world using different implementations of ICN,” says Hicks. “The hope is that individual testbeds using similar technologies can be linked together. The Internet Research Task Force (IRTF) has organized an effort to harmonize the two major forks of the protocol.”
To build and implement a new internet, “there is still much research and development to be done because of the complexity of a global-scale network,” admits Fisher.
The existing end-to-end protocols can accommodate modern internet use only though unsustainable bouts of tweaks and workarounds. But for an increasingly portable internet user base (somewhere north of 50 billion IoT devices predicted by 2020), a new breed of internet is sorely needed.
“We need to change something significantly,” Wählisch concludes. “It’s clear that the internet will not survive through tweaking.”