Named Data Networking (NDN) is a relatively new architecture, adhering to the Information-Centric
Networking (ICN) paradigm, which focuses on explicitly named, routable and addressable
content. While addressing and overcoming some of the current Internet issues, ICN
is also affected by its own ones. Among those, content caching can be exploited, together
with the Content Fetch Time (CFT), to identify the contents requested by the users.
This attack is reactive, since the attacker infers whether a content has been requested
after the victim has already sent a request for it. The defence mechanisms rely on
the modification of the CFT, which, despite defending the users, also damage them
from a usability point of view.In this paper, we investigate an enhanced version of
the attack, which is proactive and is still feasible even under enabled countermeasures.
In the proactive attack, the attacker forces a router to cache a content and only
afterwards checks whether the victim sends requests for that content. With respect
to the reactive attack the proactive one: (i) is resilient to the existing defence
mechanisms; (ii) can be applied for both popular and unpopular contents; (iii) can
be used also in case of multiple users connected to the same router of the victim.
After several simulations, we identified the parameters required to setup the proactive
attack and proved its feasibility, both in terms of effectiveness and in terms of
bypassing the existing countermeasures. We, finally, explored new possible countermeasures.