Interest flow control method based on user reputation and content name prefixes in named data networking

Sayaka Umeda; Takashi Kamimoto; Yuri Ohata; Hiroshi Shigeno

doi:10.1109/Trustcom.2015.438

Interest flow control method based on user reputation and content name prefixes in named data networking

Sayaka Umeda, Takashi Kamimoto, Yuri Ohata, Hiroshi Shigeno

Department of Information and Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

10 Citations (Scopus)

Abstract

Interest Flooding Attack (IFA) is a big problem in Named Data Networking (NDN). In IFA, an attacker repeats sending an excessive number of Interest packets requesting non-existing contents within short time in order to overload the network. It causes service disruptions for normal users. Pushback mechanism is a representative countermeasure against IFA in NDN. However, the mechanism also limits Interests from normal users, because it controls the flow in all routers affected by IFA. In addition, they assume only simple constant attack model in NDN. As a result, the data acquisition of normal users decreases. In this paper, we propose an Interest flow control method based on user reputation and content name prefixes in Named Data Networking, called ICRP. In ICRP, an edge router limits only Interests from malicious users who are attackers by user reputation. Here, reputation is the value that means the transmission degree of Interest requiring existing contents. As the reputation reflects the past behavior of each user, ICRP considers malicious users change their behavior. Furthermore, the edge router reduces the number of malicious Interests by content name prefixes. The edge router makes a blacklist of non-existing name prefixes requested by the detected malicious users. We evaluate ICRP by simulation. We confirm that ICRP can suppress the limitation to Interests from normal users. Furthermore, ICRP can alleviate the fluctuation the data acquisition rate of normal users even if malicious users change their behavior.

Original language	English
Title of host publication	Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	710-717
Number of pages	8
Volume	1
ISBN (Print)	9781467379519
DOIs	https://doi.org/10.1109/Trustcom.2015.438
Publication status	Published - 2015 Dec 2
Event	14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015 - Helsinki, Finland Duration: 2015 Aug 20 → 2015 Aug 22

Other

Other	14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015
Country/Territory	Finland
City	Helsinki
Period	15/8/20 → 15/8/22

Keywords

Interest Flooding Attack
Name Prefix
Named Data Networking
On-off attack
Reputation

ASJC Scopus subject areas

Computer Networks and Communications

Access to Document

10.1109/Trustcom.2015.438

Cite this

Umeda, S., Kamimoto, T., Ohata, Y., & Shigeno, H. (2015). Interest flow control method based on user reputation and content name prefixes in named data networking. In Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015 (Vol. 1, pp. 710-717). [7345346] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/Trustcom.2015.438

Interest flow control method based on user reputation and content name prefixes in named data networking. / Umeda, Sayaka; Kamimoto, Takashi; Ohata, Yuri et al.
Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015. Vol. 1 Institute of Electrical and Electronics Engineers Inc., 2015. p. 710-717 7345346.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Umeda, S, Kamimoto, T, Ohata, Y & Shigeno, H 2015, Interest flow control method based on user reputation and content name prefixes in named data networking. in Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015. vol. 1, 7345346, Institute of Electrical and Electronics Engineers Inc., pp. 710-717, 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015, Helsinki, Finland, 15/8/20. https://doi.org/10.1109/Trustcom.2015.438

Umeda S, Kamimoto T, Ohata Y, Shigeno H. Interest flow control method based on user reputation and content name prefixes in named data networking. In Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015. Vol. 1. Institute of Electrical and Electronics Engineers Inc. 2015. p. 710-717. 7345346 doi: 10.1109/Trustcom.2015.438

Umeda, Sayaka ; Kamimoto, Takashi ; Ohata, Yuri et al. / Interest flow control method based on user reputation and content name prefixes in named data networking. Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015. Vol. 1 Institute of Electrical and Electronics Engineers Inc., 2015. pp. 710-717

@inproceedings{afa2ab3ff8014cb3b25d193642b268a4,

title = "Interest flow control method based on user reputation and content name prefixes in named data networking",

abstract = "Interest Flooding Attack (IFA) is a big problem in Named Data Networking (NDN). In IFA, an attacker repeats sending an excessive number of Interest packets requesting non-existing contents within short time in order to overload the network. It causes service disruptions for normal users. Pushback mechanism is a representative countermeasure against IFA in NDN. However, the mechanism also limits Interests from normal users, because it controls the flow in all routers affected by IFA. In addition, they assume only simple constant attack model in NDN. As a result, the data acquisition of normal users decreases. In this paper, we propose an Interest flow control method based on user reputation and content name prefixes in Named Data Networking, called ICRP. In ICRP, an edge router limits only Interests from malicious users who are attackers by user reputation. Here, reputation is the value that means the transmission degree of Interest requiring existing contents. As the reputation reflects the past behavior of each user, ICRP considers malicious users change their behavior. Furthermore, the edge router reduces the number of malicious Interests by content name prefixes. The edge router makes a blacklist of non-existing name prefixes requested by the detected malicious users. We evaluate ICRP by simulation. We confirm that ICRP can suppress the limitation to Interests from normal users. Furthermore, ICRP can alleviate the fluctuation the data acquisition rate of normal users even if malicious users change their behavior.",

keywords = "Interest Flooding Attack, Name Prefix, Named Data Networking, On-off attack, Reputation",

author = "Sayaka Umeda and Takashi Kamimoto and Yuri Ohata and Hiroshi Shigeno",

year = "2015",

month = dec,

day = "2",

doi = "10.1109/Trustcom.2015.438",

language = "English",

isbn = "9781467379519",

volume = "1",

pages = "710--717",

booktitle = "Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

note = "14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015 ; Conference date: 20-08-2015 Through 22-08-2015",

}

TY - GEN

T1 - Interest flow control method based on user reputation and content name prefixes in named data networking

AU - Umeda, Sayaka

AU - Kamimoto, Takashi

AU - Ohata, Yuri

AU - Shigeno, Hiroshi

PY - 2015/12/2

Y1 - 2015/12/2

N2 - Interest Flooding Attack (IFA) is a big problem in Named Data Networking (NDN). In IFA, an attacker repeats sending an excessive number of Interest packets requesting non-existing contents within short time in order to overload the network. It causes service disruptions for normal users. Pushback mechanism is a representative countermeasure against IFA in NDN. However, the mechanism also limits Interests from normal users, because it controls the flow in all routers affected by IFA. In addition, they assume only simple constant attack model in NDN. As a result, the data acquisition of normal users decreases. In this paper, we propose an Interest flow control method based on user reputation and content name prefixes in Named Data Networking, called ICRP. In ICRP, an edge router limits only Interests from malicious users who are attackers by user reputation. Here, reputation is the value that means the transmission degree of Interest requiring existing contents. As the reputation reflects the past behavior of each user, ICRP considers malicious users change their behavior. Furthermore, the edge router reduces the number of malicious Interests by content name prefixes. The edge router makes a blacklist of non-existing name prefixes requested by the detected malicious users. We evaluate ICRP by simulation. We confirm that ICRP can suppress the limitation to Interests from normal users. Furthermore, ICRP can alleviate the fluctuation the data acquisition rate of normal users even if malicious users change their behavior.

AB - Interest Flooding Attack (IFA) is a big problem in Named Data Networking (NDN). In IFA, an attacker repeats sending an excessive number of Interest packets requesting non-existing contents within short time in order to overload the network. It causes service disruptions for normal users. Pushback mechanism is a representative countermeasure against IFA in NDN. However, the mechanism also limits Interests from normal users, because it controls the flow in all routers affected by IFA. In addition, they assume only simple constant attack model in NDN. As a result, the data acquisition of normal users decreases. In this paper, we propose an Interest flow control method based on user reputation and content name prefixes in Named Data Networking, called ICRP. In ICRP, an edge router limits only Interests from malicious users who are attackers by user reputation. Here, reputation is the value that means the transmission degree of Interest requiring existing contents. As the reputation reflects the past behavior of each user, ICRP considers malicious users change their behavior. Furthermore, the edge router reduces the number of malicious Interests by content name prefixes. The edge router makes a blacklist of non-existing name prefixes requested by the detected malicious users. We evaluate ICRP by simulation. We confirm that ICRP can suppress the limitation to Interests from normal users. Furthermore, ICRP can alleviate the fluctuation the data acquisition rate of normal users even if malicious users change their behavior.

KW - Interest Flooding Attack

KW - Name Prefix

KW - Named Data Networking

KW - On-off attack

KW - Reputation

UR - http://www.scopus.com/inward/record.url?scp=84966785443&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84966785443&partnerID=8YFLogxK

U2 - 10.1109/Trustcom.2015.438

DO - 10.1109/Trustcom.2015.438

M3 - Conference contribution

AN - SCOPUS:84966785443

SN - 9781467379519

VL - 1

SP - 710

EP - 717

BT - Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015

Y2 - 20 August 2015 through 22 August 2015

ER -

Interest flow control method based on user reputation and content name prefixes in named data networking

Abstract

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this