Abstract
Interest Flooding Attack (IFA) is one of the problems in Named Data Networking (NDN). In IFA, attackers send an excessive number of requests for non-existing contents, so it makes PIT overflow. It prevents normal users from retrieving Data packets. Pushback mechanism is a representative countermeasure against IFA in NDN. Pushback, however, limits Interest packets at routers near the server, so it also limits normal Interest packets. ICRP is another countermeasure against IFA. In ICRP, edge routers detect attackers and limit Interest packets from attackers. ICRP does not limit normal Interest packets, but each router needs to know the overall structure of the network to confirm whether it is an edge router by itself. In this paper, we propose an Interest flow balancing method focused on the number of requests on Named Data Networking, called IFBN. IFBN aims at decreasing the number of records in PIT from attackers and recovering the number of Data packets that normal users can retrieve. First, routers calculate reputation values for each interface. The reputation value is a proportion of the number of retrieved Data packets to the number of Interest packets forwarded for each interface. In addition to reputation values, routers refer to PIT and check the number of information from each interface. The router concludes that the interface that uses most capacity of PIT is forwarded attack Interest packets. The router does not record information of Interest packets from affected interface in PIT. Therefore, IFBN does not record only information of attack Interest packets without limiting normal Interest packets. We evaluate IFBN by simulation, and confirm IFBN can limit only attack Interest packets.
| Original language | English |
|---|---|
| Title of host publication | Proceedings - 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 10th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Symposium on Parallel and Distributed Processing with Applications, IEEE TrustCom/BigDataSE/ISPA 2016 |
| Publisher | Institute of Electrical and Electronics Engineers Inc. |
| Pages | 324-331 |
| Number of pages | 8 |
| ISBN (Electronic) | 9781509032051 |
| DOIs | |
| Publication status | Published - 2017 Feb 7 |
| Event | Joint 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 10th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Symposium on Parallel and Distributed Processing with Applications, IEEE TrustCom/BigDataSE/ISPA 2016 - Tianjin, China Duration: 2016 Aug 23 → 2016 Aug 26 |
Other
| Other | Joint 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 10th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Symposium on Parallel and Distributed Processing with Applications, IEEE TrustCom/BigDataSE/ISPA 2016 |
|---|---|
| Country/Territory | China |
| City | Tianjin |
| Period | 16/8/23 → 16/8/26 |
ASJC Scopus subject areas
- Computer Networks and Communications
- Computer Science Applications
- Hardware and Architecture
- Information Systems
- Safety, Risk, Reliability and Quality