Countermeasures of interest flooding attack in named data networking: A survey

2021 ◽  
pp. 002072092098351
Author(s):  
Linjun Yu ◽  
Huali Ai ◽  
Dong-Oun Choi
Keyword(s):  
Control Method ◽  
Network Architectures ◽  
Security Threats ◽  
Named Data Networking ◽  
Comprehensive Understanding ◽  
Next Generation Internet ◽  
Flooding Attack ◽  
Token Bucket ◽  
User Reputation ◽  
Data Networking

Named data networking (NDN) is a typical representation and implementation of information-centric networking and serves as a basis for the next-generation Internet. However, any network architectures will face information security threats. An attack named interest flooding attack (IFA), which is evolved, has becomes a great threat for NDN in recent years. Attackers through insert numerous forged interest packets into an NDN network, making the cache memory of NDN router(s) overrun, interest packets for the intended users. To take a comprehensive understanding of recent IFA detection and mitigation approaches, in this paper, we compared nine typical approaches to resolving IFA attacks for NDN, which are interest traceback, token bucket with per interface fairness, satisfaction-based interest acceptance, satisfaction-based push back, disabling PIT exhaustion, interest flow control method based on user reputation and content name prefixes, interest flow balancing method focused on the number of requests on named data networking, cryptographic route token, Poseidon local, and Poseidon distributed techniques. In addition, we conducted a simulation using Poseidon, a commonly used IFA resolution approach. The results showed that Poseidon could resolve IFA issues effectively.

scholarly journals A PEKS-Based NDN Strategy for Name Privacy

2020 ◽  
Vol 12 (8) ◽  
pp. 130
Author(s):  
Kyi Thar Ko ◽  
Htet Htet Hlaing ◽  
Masahiro Mambo
Keyword(s):  
Keyword Search ◽  
Content Delivery ◽  
Public Key ◽  
Public Key Encryption ◽  
Next Generation ◽  
Named Data Networking ◽  
Next Generation Internet ◽  
Network Cache ◽  
Data Networking

Named Data Networking (NDN), where addressable content name is used, is considered as a candidate of next-generation Internet architectures. NDN routers use In-Network cache to replicate and store passing packets to make faster content delivery. Because NDN uses a human-readable name, it is easy for an adversary to guess what kind of content is requested. To solve this issue, we develop a PEKS-based strategy for forwarding packets, where PEKS stands for public key encryption with keyword search. We implement the PEKS-based strategy based on the best route strategy and multicast strategy of NDN and show the performance of the PEKS-based NDN strategy. We also discuss the issues of the PEKS-based NDN strategy.

scholarly journals Route Prefix Caching Using Bloom Filters in Named Data Networking

2020 ◽  
Vol 10 (7) ◽  
pp. 2226
Author(s):  
Junghwan Kim ◽  
Myeong-Cheol Ko ◽  
Jinsoo Kim ◽  
Moon Sun Shin
Keyword(s):  
Bloom Filter ◽  
Bloom Filters ◽  
Experimental Result ◽  
Named Data Networking ◽  
Next Generation Internet ◽  
Complex Process ◽  
Caching Scheme ◽  
Name Lookup ◽  
Cache Miss ◽  
Data Networking

This paper proposes an elaborate route prefix caching scheme for fast packet forwarding in named data networking (NDN) which is a next-generation Internet structure. The name lookup is a crucial function of the NDN router, which delivers a packet based on its name rather than IP address. It carries out a complex process to find the longest matching prefix for the content name. Even the size of a name prefix is variable and unbounded; thus, the name lookup is to be more complicated and time-consuming. The name lookup can be sped up by using route prefix caching, but it may cause a problem when non-leaf prefixes are cached. The proposed prefix caching scheme can cache non-leaf prefixes, as well as leaf prefixes, without incurring any problem. For this purpose, a Bloom filter is kept for each prefix. The Bloom filter, which is widely used for checking membership, is utilized to indicate the branch information of a non-leaf prefix. The experimental result shows that the proposed caching scheme achieves a much higher hit ratio than other caching schemes. Furthermore, how much the parameters of the Bloom filter affect the cache miss count is quantitatively evaluated. The best performance can be achieved with merely 8-bit Bloom filters and two hash functions.

scholarly journals Economic Levers for Mitigating Interest Flooding Attack in Named Data Networking

2017 ◽  
Vol 2017 ◽  
pp. 1-12 ◽  
Author(s):  
Licheng Wang ◽  
Yun Pan ◽  
Mianxiong Dong ◽  
Yafang Yu ◽  
Kun Wang
Keyword(s):  
Dynamic Pricing ◽  
Denial Of Service ◽  
Future Internet ◽  
Extensive Study ◽  
Distributed Denial Of Service ◽  
Named Data Networking ◽  
Flooding Attack ◽  
Malicious Behavior ◽  
Future Internet Architectures ◽  
Data Networking

As a kind of unwelcome, unavoidable, and malicious behavior, distributed denial of service (DDoS) is an ongoing issue in today’s Internet as well as in some newly conceived future Internet architectures. Recently, a first step was made towards assessing DDoS attacks in Named Data Networking (NDN)—one of the promising Internet architectures in the upcoming big data era. Among them, interest flooding attack (IFA) becomes one of the main serious problems. Enlightened by the extensive study on the possibility of mitigating DDoS in today’s Internet by employing micropayments, in this paper we address the possibility of introducing economic levers, say, dynamic pricing mechanism, and so forth, for regulating IFA in NDN.

scholarly journals Reliable Detection of Interest Flooding Attack in Real Deployment of Named Data Networking

2019 ◽  
Vol 14 (9) ◽  
pp. 2470-2485 ◽  
Author(s):  
Tan Nguyen ◽  
Hoang-Long Mai ◽  
Remi Cogranne ◽  
Guillaume Doyen ◽  
Wissam Mallouli ◽  
...  
Keyword(s):  
Named Data Networking ◽  
Flooding Attack ◽  
Reliable Detection ◽  
Data Networking
Sign in / Sign up

Export Citation Format

Share Document