ChoKIFA: A New Detection and Mitigation Approach Against Interest Flooding Attacks in NDN - Archive ouverte HAL Access content directly
Conference Papers Year : 2019

ChoKIFA: A New Detection and Mitigation Approach Against Interest Flooding Attacks in NDN

(1) , (2) , (3) , (2) , (1) , (2)
1
2
3

Abstract

Named-Data Networking (NDN) is a potential Future Internet Architectures which introduces a shift from the existing host-centric IP-based Internet infrastructure towards a content-oriented one. Its design, however, can be misused to introduce a new type of DoS attack, better known as Interest Flooding Attack (IFA). In IFA, an adversary issues non-satisfiable requests in the network to saturate the Pending Interest Table(s) (PIT) of NDN routers and prevent them from properly handling the legitimate traffic. Prior solutions to mitigate this problem are not highly effective, damages the legitimate traffic, and incurs high communication overhead.In this paper, we propose a novel mechanism for IFA detection and mitigation, aimed at reducing the memory consumption of the PIT by effectively reducing the malicious traffic that passes through each NDN router. In particular, our protocol exploits an effective management strategy on the PIT which differentially penalizes the malicious traffic by dropping both the inbound and already stored malicious traffic from the PIT. We implemented our proposed protocol on the open-source ndnSIM simulator and compared its effectiveness with the one achieved by the existing state-of-the-art. The results show that our proposed protocol effectively reduces the IFA damages, especially on the legitimate traffic, with improvements that go from 5% till 40% with respect to the existing state-of-the-art.
Fichier principal
Vignette du fichier
481347_1_En_5_Chapter.pdf (927.8 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-02881740 , version 1 (26-06-2020)

Licence

Attribution - CC BY 4.0

Identifiers

Cite

Abdelmadjid Benarfa, Muhammad Hassan, Alberto Compagno, Eleonora Losiouk, Mohamed Bachir Yagoubi, et al.. ChoKIFA: A New Detection and Mitigation Approach Against Interest Flooding Attacks in NDN. 17th International Conference on Wired/Wireless Internet Communication (WWIC), Jun 2019, Bologna, Italy. pp.53-65, ⟨10.1007/978-3-030-30523-9_5⟩. ⟨hal-02881740⟩
57 View
16 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More