Cache control method mitigating packet concentration of router caused by interest flooding attack

Ryoki Shinohara, Takashi Kamimoto, Kazuya Sato, Hiroshi Shigeno

Research output: Chapter in Book/Report/Conference proceedingConference contribution

8 Citations (Scopus)

Abstract

Interest Flooding Attack (IFA) is one of the problems in Named Data Networking (NDN). In IFA, attackers send an excessive number of requests for non-existing contents, so it makes PIT overflow. It prevents normal users from retrieving Data packets. Pushback mechanism is a representative countermeasure against IFA in NDN. Pushback, however, limits Interest packets at routers near the server, so it also limits normal Interest packets. ICRP is another countermeasure against IFA. In ICRP, edge routers detect attackers and limit Interest packets from attackers. ICRP does not limit normal Interest packets, but each router needs to know the overall structure of the network to confirm whether it is an edge router by itself. In this paper, we propose an Interest flow balancing method focused on the number of requests on Named Data Networking, called IFBN. IFBN aims at decreasing the number of records in PIT from attackers and recovering the number of Data packets that normal users can retrieve. First, routers calculate reputation values for each interface. The reputation value is a proportion of the number of retrieved Data packets to the number of Interest packets forwarded for each interface. In addition to reputation values, routers refer to PIT and check the number of information from each interface. The router concludes that the interface that uses most capacity of PIT is forwarded attack Interest packets. The router does not record information of Interest packets from affected interface in PIT. Therefore, IFBN does not record only information of attack Interest packets without limiting normal Interest packets. We evaluate IFBN by simulation, and confirm IFBN can limit only attack Interest packets.

Original languageEnglish
Title of host publicationProceedings - 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 10th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Symposium on Parallel and Distributed Processing with Applications, IEEE TrustCom/BigDataSE/ISPA 2016
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages324-331
Number of pages8
ISBN (Electronic)9781509032051
DOIs
Publication statusPublished - 2017 Feb 7
EventJoint 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 10th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Symposium on Parallel and Distributed Processing with Applications, IEEE TrustCom/BigDataSE/ISPA 2016 - Tianjin, China
Duration: 2016 Aug 232016 Aug 26

Other

OtherJoint 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 10th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Symposium on Parallel and Distributed Processing with Applications, IEEE TrustCom/BigDataSE/ISPA 2016
CountryChina
CityTianjin
Period16/8/2316/8/26

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications
  • Hardware and Architecture
  • Information Systems
  • Safety, Risk, Reliability and Quality

Fingerprint Dive into the research topics of 'Cache control method mitigating packet concentration of router caused by interest flooding attack'. Together they form a unique fingerprint.

Cite this