ChoKIFA: A New Detection and Mitigation Approach Against Interest Flooding Attacks in NDN - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Communication Dans Un Congrès Année : 2019

ChoKIFA: A New Detection and Mitigation Approach Against Interest Flooding Attacks in NDN

Résumé

Named-Data Networking (NDN) is a potential Future Internet Architectures which introduces a shift from the existing host-centric IP-based Internet infrastructure towards a content-oriented one. Its design, however, can be misused to introduce a new type of DoS attack, better known as Interest Flooding Attack (IFA). In IFA, an adversary issues non-satisfiable requests in the network to saturate the Pending Interest Table(s) (PIT) of NDN routers and prevent them from properly handling the legitimate traffic. Prior solutions to mitigate this problem are not highly effective, damages the legitimate traffic, and incurs high communication overhead.In this paper, we propose a novel mechanism for IFA detection and mitigation, aimed at reducing the memory consumption of the PIT by effectively reducing the malicious traffic that passes through each NDN router. In particular, our protocol exploits an effective management strategy on the PIT which differentially penalizes the malicious traffic by dropping both the inbound and already stored malicious traffic from the PIT. We implemented our proposed protocol on the open-source ndnSIM simulator and compared its effectiveness with the one achieved by the existing state-of-the-art. The results show that our proposed protocol effectively reduces the IFA damages, especially on the legitimate traffic, with improvements that go from 5% till 40% with respect to the existing state-of-the-art.
Fichier principal
Vignette du fichier
481347_1_En_5_Chapter.pdf (927.8 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-02881740 , version 1 (26-06-2020)

Licence

Paternité

Identifiants

Citer

Abdelmadjid Benarfa, Muhammad Hassan, Alberto Compagno, Eleonora Losiouk, Mohamed Bachir Yagoubi, et al.. ChoKIFA: A New Detection and Mitigation Approach Against Interest Flooding Attacks in NDN. 17th International Conference on Wired/Wireless Internet Communication (WWIC), Jun 2019, Bologna, Italy. pp.53-65, ⟨10.1007/978-3-030-30523-9_5⟩. ⟨hal-02881740⟩
72 Consultations
63 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More