Top

Journal of Network and Systems Management

Published in:

30-05-2020

Detecting and Mitigating DDoS Attack in Named Data Networking

Authors: Mohammad Alhisnawi, Mahmood Ahmadi

Published in: Journal of Network and Systems Management | Issue 4/2020

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Named Data Networking (NDN) is a new and attractive paradigm that got a broad interest in recent researches as a potential alternative for the existing IP-based (host-based) Internet architecture. Security is considered explicitly as one of the most critical issues about NDN. Despite that NDN architecture presents higher resilience against most existing attacks, its architecture, nevertheless, can be exploited to start a DDoS attack. In the DDoS attack, the attacker tries to create and transmit a large number of fake Interest packets to increase network congestion and thus dropping legitimate interests by NDN routers. This paper proposes a new technique to detect and mitigate DDoS attacks in NDN that depends on cooperation among NDN routers with the help of a centralized controller. The functionality of these routers depends on their positions inside the autonomous system (AS). The simulation results show that the suggested technique is effective and precise to detect the fake name prefixes and, it offers better performance comparing with the previously proposed ones.

previous article Modified Dragonfly Algorithm for Optimal Virtual Machine Placement in Cloud Computing

next article ISDSDN: Mitigating SYN Flood Attacks in Software Defined Networks

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Ahmed, S.H., Bouk, S.H., Kim, D., Rawat, D.B., Song, H.: Named data networking for software defined vehicular networks. IEEE Commun. Magaz. 55(8), 60–66 (2017)CrossRef

Dai, H., Wang, Y., Fan, J., Liu, B.: Mitigate ddos attacks in ndn by interest traceback. In: 2013 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), pp 381–386 (2013)

Nguyen, T., Mai, H., Cogranne, R., Doyen, G., Mallouli, W., Nguyen, L., El Aoun, M., Montes De Oca, E., Festor, O.: Reliable detection of interest flooding attack in real deployment of named data networking. IEEE Trans. Inform. Forens. Sec. 14(9), 2470–2485 (2019)CrossRef

Specht, S., Lee, R.: Distributed denial of service: Taxonomies of attacks, tools, and countermeasures. In: Proceedings of the ISCA 17th international conference on parallel and distributed computing systems, pp 543–550 (2004)

Tourani, R., Misra, S., Mick, T., Panwar, G.: Security, privacy, and access control in information-centric networking: a survey. IEEE Commun. Surv. Tutor. 20(1), 566–600 (2018)CrossRef

Al-hisnawi, M., Ahmadi, M.: Qcf for deep packet inspection. IET Netw. 7(5), 346–352 (2018)CrossRef

Afanasyev, A., Moiseenko, I., Zhang, L.: ndnsim: ndn simulator for ns-3 (2012)

VJDKSJDTMFPNHBRL, Braynard: Networking named content. In: CoNEXT ’09: Proceedings of the 5th international conference on Emerging networking experiments and technologies, pp 1–12 (2009)

Liu, T., Zhang, M., Zhu, J., Zheng, R., Liu, R.: Accp: adaptive congestion control protocol in named data networking based on deep learning. Neural Comput. Appl. (2018). https://doi.org/10.1007/s00521-018-3408-2CrossRef

10.

Wang, L.J., Lv, Y.Q., Moiseenko, I., Wang, D.S.: A dataflow-oriented programming interface for named data networking. J. Comput. Sci. Technol. 33, 158–168 (2018). https://doi.org/10.1007/s11390-018-1812-9CrossRef

11.

Shubbar, R., Ahmadi, M.: Efficient name matching based on a fast two-dimensional filter in named data networking. Int. J. Paral. Emerg. Distrib. Syst. 34(2), 203–221 (2019). https://doi.org/10.1080/17445760.2017.1363202CrossRef

12.

Pang, B., Li, R., Zhang, X., Shi, J., Huang, M.: Research on interest flooding attack analysis in conspiracy with content providers. pp 543–547 (2017). https://doi.org/10.1109/ICEIEC.2017.8076624

13.

Chatterjee, T., Ruj, S., Bit, S.D.: Security issues in named data networks. Computer 51(1), 66–75 (2018)CrossRef

14.

Goergen, D., Cholez, T., François, J., Engel, T.: Security monitoring for content-centric networking. In: Di Pietro, R., Herranz, J., Damiani, E., State, R. (eds.) Data privacy management and autonomous spontaneous security, pp. 274–286. Springer, Berlin (2013)CrossRef

15.

Gasti, P., Tsudik, G., Uzun, E., Zhang, L.: Dos and ddos in named data networking. In: 2013 22nd International Conference on Computer Communication and Networks (ICCCN), pp 1–7 (2013)

16.

Afanasyev, A., Mahadevan, P., Moiseenko, I., Uzun, E., Zhang, L.: Interest flooding attack and countermeasures in named data networking. In: 2013 IFIP Networking Conference, pp 1–9 (2013)

17.

Compagno, A., Conti, M., Gasti, P., Tsudik, G.: Poseidon: Mitigating interest flooding ddos attacks in named data networking. In: 38th Annual IEEE Conference on Local Computer Networks, pp 630–638 (2013)

18.

Widjaja, I.: Towards a flexible resource management system for content centric networking. In: 2012 IEEE International Conference on Communications (ICC), pp 2634–2638 (2012)

19.

Wang, K., Huachun, Z., Qin, Y., Zhang, H.: Cooperative-filter: countering interest flooding attacks in named data networking. Soft Comput. 18, 1803–1813 (2014). https://doi.org/10.1007/s00500-014-1275-zCrossRef

20.

Licheng Wang MDYY Yun Pan, Wang, K.: Economic levers for mitigating interest flooding attack in named data networking 2017, 1–12 (2017)

21.

Xin, Y., Li, Y., Wang, W., Li, W., Chen, X.: A novel interest flooding attacks detection and countermeasure scheme in ndn. In: 2016 IEEE Global Communications Conference (GLOBECOM), pp 1–7 (2016)

22.

Yi, C., Afanasyev, A., Wang, L., Zhang, B., Zhang, L.: Adaptive forwarding in named data networking. Comput. Commun. Rev. (2012). https://doi.org/10.1145/2317307.2317319CrossRef

23.

Wang, K., Chen, J., Huachun, Z., Qin, Y., Zhang, H.: Modeling denial-of-service against pending interest table in named data networking. Int. J. Commun. Syst. (2014). https://doi.org/10.1002/dac.2618CrossRef

24.

Choi, S., Kim, K., Kim, S., Roh, B.: Threat of dos by interest flooding attack in content-centric networking. In: The International Conference on Information Networking 2013 (ICOIN), pp 315–319 (2013)

25.

Tang, J., Zhang, Z., Liu, Y., Zhang, H.: Identifying interest flooding in named data networking. In: 2013 IEEE International Conference on Green Computing and Communications and IEEE Internet of Things and IEEE Cyber, Physical and Social Computing, pp 306–310 (2013)

26.

Wang, K., Zhou, H., Qin, Y., Chen, J., Zhang, H.: Decoupling malicious interests from pending interest table to mitigate interest flooding attacks. In: 2013 IEEE Globecom Workshops (GC Wkshps), pp 963–968 (2013)

27.

Shinohara, R., Kamimoto, T., Sato, K., Shigeno, H.: Cache control method mitigating packet concentration of router caused by interest flooding attack. In: 2016 IEEE Trustcom/BigDataSE/ISPA, pp 324–331 (2016)

28.

Ding, K., Liu, Y., Cho, H., Chao, H., Shih, T.: Cooperative detection and protection for interest flooding attacks in named data networking. Int. J. Commun. Syst. (2014). https://doi.org/10.1002/dac.2883CrossRef

29.

Zhi, T., Luo, H., Liu, Y.: A gini impurity-based interest flooding attack defence mechanism in ndn. IEEE Commun. Lett. 22(3), 538–541 (2018)CrossRef

30.

Virgilio, M., Marchetto, G., Sisto, R.: Interest flooding attack countermeasures assessment on content centric networking. In: 2015 12th International Conference on Information Technology - New Generations, pp 721–724 (2015)

31.

Rai, S.DD., Sharma, K.: A survey on detection and mitigation of distributed denial-of-service attack in named data networking. In: Advances in communication, cloud, and Big Data lecture notes in networks and systems 31 (2019)

32.

Xu, X., Wang, S., Li, Y.: Identification and predication of network attack patterns in software-defined networking. Peer-to-Peer Netw. Appl. 12(2), 337–347 (2019). https://doi.org/10.1007/s12083-017-0629-6CrossRef

33.

Salah, H., Strufe, T.: Evaluating and mitigating a collusive version of the interest flooding attack in ndn. In: 2016 IEEE Symposium on Computers and Communication (ISCC), pp 938–945 (2016)

34.

team N (2020) https://www.named-data.net/doc/NDN-packet-spec/current/data.html, last visit( 24/4/2020)

Title: Detecting and Mitigating DDoS Attack in Named Data Networking
Authors: Mohammad Alhisnawi
Mahmood Ahmadi
Publication date: 30-05-2020
Publisher: Springer US
Published in: Journal of Network and Systems Management / Issue 4/2020
Print ISSN: 1064-7570
Electronic ISSN: 1573-7705
DOI: https://doi.org/10.1007/s10922-020-09539-8

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 4/2020

Blockchain Signaling System (BloSS): Cooperative Signaling of Distributed Denial-of-Service Attacks

DFIOT: Data Fusion for Internet of Things

Modified Dragonfly Algorithm for Optimal Virtual Machine Placement in Cloud Computing

Future of Network and Service Operations and Management: Trends, Developments, and Directions

Network Virtualization and Survivability of 5G Networks

Adaptive ML-Based Frame Length Optimisation in Enterprise SD-WLANs

Premium Partner