Cooperative detection and protection for Interest flooding attacks in named data networking |
| |
Authors: | Kun Ding Yun Liu Hsin‐Hung Cho Han‐Chieh Chao Timothy K. Shih |
| |
Affiliation: | 1. School of Electronic and Information Engineering, Beijing Jiaotong University, Beijing, Beijing, China;2. Beijing Municipal Commission of Education, Key Laboratory of Communication and Information Systems, Beijing Jiaotong University, Beijing, China |
| |
Abstract: | Named data networking (NDN) is a new emerging architecture for future network, which may be a substitute of the current TCP/IP‐based network, for the content‐oriented data request mode becoming the future trend of development. The security of NDN has attracted much attention, as an implementation of next‐generation Internet architecture. Although NDN is immune to most current attack, it cannot resist the distributed denial of service like attack – Interest flooding attack (IFA) – effectively. IFA takes advantages of the forwarding mechanism of NDN, flooding a large number of malicious Interest packets at quite a high rate, and exploits the network resources, which may cause the paralysis of the network. Taking into account the severity of the destruction, we propose an algorithm to counter such new type of attack. We analyze three properties of IFA, and use them to judge and filter Interest packets. Vector space model and Markov model are used in our method to realize a cooperative detection. Meanwhile, we present the retransmission forwarding mechanism to ensure legitimate user request. The ndnSIM module of ns3 is used for the corresponding simulation, and results of the simulation will be given to show the effectiveness of our algorithm. Copyright © 2014 John Wiley & Sons, Ltd. |
| |
Keywords: | named data networking Interest flooding attack vector space model Markov chain next‐generation network communication system |
|
|