TY - GEN
T1 - FROG
T2 - 2018 IEEE Symposium on Computers and Communications, ISCC 2018
AU - Nakatsuka, Yoshimichi
AU - Wijekoon, Janaka L.
AU - Nishi, Hiroaki
N1 - Publisher Copyright: © 2018 IEEE.
PY - 2018/11/15
Y1 - 2018/11/15
N2 - Named Data Networking (NDN) is a promising inter-networking paradigm that focuses on content rather than hosts and their physical locations. In NDN, consumers issue Interests for Contents. Producers generate content in response to each received Interest, and that content is routed back to the requesting consumer. Compared to IP, NDN brings advantages such as better throughput and lower latency, because routers are able to cache popular contents and satisfy Interests for such contents locally. However, before being considered a viable approach, NDN should offer security services that are ideally better than, but at least equivalent to, current mechanisms in IP. In this regard, mechanisms to prevent DDoS are of paramount importance. In this work, we propose FROG: a simple yet effective Interest Flooding Attack (IFA) detection and mitigation method. FROG runs on routers that are directly connected to NDN consumers and monitors packet hop counts. It then calculates the mean and variance of the stored hop counts to distinguish attackers from legitimate users. We use the NDN simulator ndnSIM to evaluate FROG's effectiveness. Our results show that FROG improves resilience against DDoS attacks. In particular, during an attack, legitimate users can still receive 75% of requested contents. Without FROG, this number decreases to 50%.
KW - DDoS attack
KW - Information-Centric Networking
KW - Interest Flooding Attack
KW - Named Data Networking
KW - Packet Hop Count
UR - http://www.scopus.com/inward/record.url?scp=85059207770&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85059207770&partnerID=8YFLogxK
U2 - 10.1109/ISCC.2018.8538468
DO - 10.1109/ISCC.2018.8538468
M3 - Conference contribution
AN - SCOPUS:85059207770
T3 - Proceedings - IEEE Symposium on Computers and Communications
SP - 492
EP - 497
BT - 2018 IEEE Symposium on Computers and Communications, ISCC 2018
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 25 June 2018 through 28 June 2018
ER -