Cache control method mitigating packet concentration of router caused by interest flooding attack

Ryoki Shinohara, Takashi Kamimoto, Kazuya Sato, Hiroshi Shigeno

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Citations (Scopus)

Abstract

Interest Flooding Attack (IFA) is one of the problems in Named Data Networking (NDN). In an IFA, attackers send an excessive number of requests for non-existent content, which makes the Pending Interest Table (PIT) overflow and prevents normal users from retrieving Data packets. The Pushback mechanism is a representative countermeasure against IFA in NDN. Pushback, however, limits Interest packets at routers near the server, so it also limits normal Interest packets. ICRP is another countermeasure against IFA. In ICRP, edge routers detect attackers and limit Interest packets from them. ICRP does not limit normal Interest packets, but each router needs to know the overall structure of the network to determine by itself whether it is an edge router. In this paper, we propose an Interest flow balancing method focused on the number of requests on Named Data Networking, called IFBN. IFBN aims to decrease the number of PIT records originating from attackers and to restore the number of Data packets that normal users can retrieve. First, routers calculate a reputation value for each interface. The reputation value is the ratio of the number of retrieved Data packets to the number of Interest packets forwarded for that interface. In addition to reputation values, routers refer to the PIT and check the number of entries recorded from each interface. The router concludes that the interface using the most PIT capacity is forwarding attack Interest packets, and it does not record information about Interest packets from the affected interface in the PIT. Therefore, IFBN withholds PIT records only for attack Interest packets, without limiting normal Interest packets. We evaluate IFBN by simulation and confirm that IFBN can limit only attack Interest packets.
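The per-interface bookkeeping described in the abstract can be sketched as a toy router model; this is an added example, not code from the paper. The abstract gives no thresholds and does not say how reputation and PIT occupancy are combined, so the 0.5 values, the "largest PIT share and low reputation" rule, the absence of PIT timeouts and the constructed traffic are all assumptions.

```python
from collections import Counter

class Router:
    """Toy NDN router; IFBN-style filtering is on when ifbn=True."""
    def __init__(self, pit_capacity, ifbn=True, rep_min=0.5, share_min=0.5):
        self.pit = {}                      # name -> incoming interface (no aggregation)
        self.pit_capacity = pit_capacity
        self.ifbn = ifbn
        self.rep_min, self.share_min = rep_min, share_min   # assumed thresholds
        self.interests = Counter()         # Interests seen per interface
        self.data = Counter()              # Data returned per interface

    def reputation(self, iface):
        # Data packets retrieved / Interest packets, per interface
        seen = self.interests[iface]
        return self.data[iface] / seen if seen else 1.0

    def suspect(self):
        # Interface holding the most PIT entries, if it also has low reputation
        usage = Counter(self.pit.values())
        if not usage:
            return None
        iface, held = usage.most_common(1)[0]
        heavy = held / self.pit_capacity >= self.share_min
        return iface if heavy and self.reputation(iface) < self.rep_min else None

    def on_interest(self, iface, name):
        self.interests[iface] += 1
        if self.ifbn and iface == self.suspect():
            return "not_recorded"          # no PIT state for the affected interface
        if len(self.pit) >= self.pit_capacity:
            return "pit_full"              # overflow: Interest cannot be tracked
        self.pit.setdefault(name, iface)
        return "recorded"

    def on_data(self, name):
        iface = self.pit.pop(name, None)   # Data consumes the PIT entry
        if iface is not None:
            self.data[iface] += 1

def simulate(ifbn, rounds=20, pit_capacity=10):
    # Constructed traffic: interface 1 asks for existing content,
    # interface 2 asks for names that never produce Data.
    router, outcome = Router(pit_capacity, ifbn), Counter()
    for i in range(rounds):
        outcome[1, router.on_interest(1, f"/video/seg{i}")] += 1
        router.on_data(f"/video/seg{i}")
        outcome[2, router.on_interest(2, f"/nonexistent/{i}")] += 1
    return outcome
```

Comparing `simulate(True)` with `simulate(False)` shows the effect the abstract claims: without the filter the PIT fills with unanswered entries and the normal interface starts hitting `pit_full`, while with it only the flooding interface loses PIT state.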

Original language: English
Title of host publication: Proceedings - 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 10th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Symposium on Parallel and Distributed Processing with Applications, IEEE TrustCom/BigDataSE/ISPA 2016
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 324-331
Number of pages: 8
ISBN (Electronic): 9781509032051
DOIs: https://doi.org/10.1109/TrustCom.2016.0080
Publication status: Published - 2017 Feb 7
Event: Joint 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 10th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Symposium on Parallel and Distributed Processing with Applications, IEEE TrustCom/BigDataSE/ISPA 2016 - Tianjin, China
Duration: 2016 Aug 23 → 2016 Aug 26


Fingerprint

Routers
Servers

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications
  • Hardware and Architecture
  • Information Systems
  • Safety, Risk, Reliability and Quality

Cite this

Shinohara, R., Kamimoto, T., Sato, K., & Shigeno, H. (2017). Cache control method mitigating packet concentration of router caused by interest flooding attack. In Proceedings - 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 10th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Symposium on Parallel and Distributed Processing with Applications, IEEE TrustCom/BigDataSE/ISPA 2016 (pp. 324-331). [7846963] Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/TrustCom.2016.0080
