Interest flow control method based on user reputation and content name prefixes in named data networking

Sayaka Umeda, Takashi Kamimoto, Yuri Ohata, Hiroshi Shigeno

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)

Abstract

Interest Flooding Attack (IFA) is a big problem in Named Data Networking (NDN). In IFA, an attacker repeats sending an excessive number of Interest packets requesting non-existing contents within short time in order to overload the network. It causes service disruptions for normal users. Pushback mechanism is a representative countermeasure against IFA in NDN. However, the mechanism also limits Interests from normal users, because it controls the flow in all routers affected by IFA. In addition, they assume only simple constant attack model in NDN. As a result, the data acquisition of normal users decreases. In this paper, we propose an Interest flow control method based on user reputation and content name prefixes in Named Data Networking, called ICRP. In ICRP, an edge router limits only Interests from malicious users who are attackers by user reputation. Here, reputation is the value that means the transmission degree of Interest requiring existing contents. As the reputation reflects the past behavior of each user, ICRP considers malicious users change their behavior. Furthermore, the edge router reduces the number of malicious Interests by content name prefixes. The edge router makes a blacklist of non-existing name prefixes requested by the detected malicious users. We evaluate ICRP by simulation. We confirm that ICRP can suppress the limitation to Interests from normal users. Furthermore, ICRP can alleviate the fluctuation the data acquisition rate of normal users even if malicious users change their behavior.

Original languageEnglish
Title of host publicationProceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages710-717
Number of pages8
Volume1
ISBN (Print)9781467379519
DOIs
Publication statusPublished - 2015 Dec 2
Event14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015 - Helsinki, Finland
Duration: 2015 Aug 202015 Aug 22

Other

Other14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015
CountryFinland
CityHelsinki
Period15/8/2015/8/22

Fingerprint

Routers
Flow control
Data acquisition

Keywords

  • Interest Flooding Attack
  • Name Prefix
  • Named Data Networking
  • On-off attack
  • Reputation

ASJC Scopus subject areas

  • Computer Networks and Communications

Cite this

Umeda, S., Kamimoto, T., Ohata, Y., & Shigeno, H. (2015). Interest flow control method based on user reputation and content name prefixes in named data networking. In Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015 (Vol. 1, pp. 710-717). [7345346] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/Trustcom.2015.438

Interest flow control method based on user reputation and content name prefixes in named data networking. / Umeda, Sayaka; Kamimoto, Takashi; Ohata, Yuri; Shigeno, Hiroshi.

Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015. Vol. 1 Institute of Electrical and Electronics Engineers Inc., 2015. p. 710-717 7345346.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Umeda, S, Kamimoto, T, Ohata, Y & Shigeno, H 2015, Interest flow control method based on user reputation and content name prefixes in named data networking. in Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015. vol. 1, 7345346, Institute of Electrical and Electronics Engineers Inc., pp. 710-717, 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015, Helsinki, Finland, 15/8/20. https://doi.org/10.1109/Trustcom.2015.438
Umeda S, Kamimoto T, Ohata Y, Shigeno H. Interest flow control method based on user reputation and content name prefixes in named data networking. In Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015. Vol. 1. Institute of Electrical and Electronics Engineers Inc. 2015. p. 710-717. 7345346 https://doi.org/10.1109/Trustcom.2015.438
Umeda, Sayaka ; Kamimoto, Takashi ; Ohata, Yuri ; Shigeno, Hiroshi. / Interest flow control method based on user reputation and content name prefixes in named data networking. Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015. Vol. 1 Institute of Electrical and Electronics Engineers Inc., 2015. pp. 710-717
@inproceedings{afa2ab3ff8014cb3b25d193642b268a4,
title = "Interest flow control method based on user reputation and content name prefixes in named data networking",
abstract = "Interest Flooding Attack (IFA) is a big problem in Named Data Networking (NDN). In IFA, an attacker repeats sending an excessive number of Interest packets requesting non-existing contents within short time in order to overload the network. It causes service disruptions for normal users. Pushback mechanism is a representative countermeasure against IFA in NDN. However, the mechanism also limits Interests from normal users, because it controls the flow in all routers affected by IFA. In addition, they assume only simple constant attack model in NDN. As a result, the data acquisition of normal users decreases. In this paper, we propose an Interest flow control method based on user reputation and content name prefixes in Named Data Networking, called ICRP. In ICRP, an edge router limits only Interests from malicious users who are attackers by user reputation. Here, reputation is the value that means the transmission degree of Interest requiring existing contents. As the reputation reflects the past behavior of each user, ICRP considers malicious users change their behavior. Furthermore, the edge router reduces the number of malicious Interests by content name prefixes. The edge router makes a blacklist of non-existing name prefixes requested by the detected malicious users. We evaluate ICRP by simulation. We confirm that ICRP can suppress the limitation to Interests from normal users. Furthermore, ICRP can alleviate the fluctuation the data acquisition rate of normal users even if malicious users change their behavior.",
keywords = "Interest Flooding Attack, Name Prefix, Named Data Networking, On-off attack, Reputation",
author = "Sayaka Umeda and Takashi Kamimoto and Yuri Ohata and Hiroshi Shigeno",
year = "2015",
month = "12",
day = "2",
doi = "10.1109/Trustcom.2015.438",
language = "English",
isbn = "9781467379519",
volume = "1",
pages = "710--717",
booktitle = "Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN

T1 - Interest flow control method based on user reputation and content name prefixes in named data networking

AU - Umeda, Sayaka

AU - Kamimoto, Takashi

AU - Ohata, Yuri

AU - Shigeno, Hiroshi

PY - 2015/12/2

Y1 - 2015/12/2

N2 - Interest Flooding Attack (IFA) is a big problem in Named Data Networking (NDN). In IFA, an attacker repeats sending an excessive number of Interest packets requesting non-existing contents within short time in order to overload the network. It causes service disruptions for normal users. Pushback mechanism is a representative countermeasure against IFA in NDN. However, the mechanism also limits Interests from normal users, because it controls the flow in all routers affected by IFA. In addition, they assume only simple constant attack model in NDN. As a result, the data acquisition of normal users decreases. In this paper, we propose an Interest flow control method based on user reputation and content name prefixes in Named Data Networking, called ICRP. In ICRP, an edge router limits only Interests from malicious users who are attackers by user reputation. Here, reputation is the value that means the transmission degree of Interest requiring existing contents. As the reputation reflects the past behavior of each user, ICRP considers malicious users change their behavior. Furthermore, the edge router reduces the number of malicious Interests by content name prefixes. The edge router makes a blacklist of non-existing name prefixes requested by the detected malicious users. We evaluate ICRP by simulation. We confirm that ICRP can suppress the limitation to Interests from normal users. Furthermore, ICRP can alleviate the fluctuation the data acquisition rate of normal users even if malicious users change their behavior.

AB - Interest Flooding Attack (IFA) is a big problem in Named Data Networking (NDN). In IFA, an attacker repeats sending an excessive number of Interest packets requesting non-existing contents within short time in order to overload the network. It causes service disruptions for normal users. Pushback mechanism is a representative countermeasure against IFA in NDN. However, the mechanism also limits Interests from normal users, because it controls the flow in all routers affected by IFA. In addition, they assume only simple constant attack model in NDN. As a result, the data acquisition of normal users decreases. In this paper, we propose an Interest flow control method based on user reputation and content name prefixes in Named Data Networking, called ICRP. In ICRP, an edge router limits only Interests from malicious users who are attackers by user reputation. Here, reputation is the value that means the transmission degree of Interest requiring existing contents. As the reputation reflects the past behavior of each user, ICRP considers malicious users change their behavior. Furthermore, the edge router reduces the number of malicious Interests by content name prefixes. The edge router makes a blacklist of non-existing name prefixes requested by the detected malicious users. We evaluate ICRP by simulation. We confirm that ICRP can suppress the limitation to Interests from normal users. Furthermore, ICRP can alleviate the fluctuation the data acquisition rate of normal users even if malicious users change their behavior.

KW - Interest Flooding Attack

KW - Name Prefix

KW - Named Data Networking

KW - On-off attack

KW - Reputation

UR - http://www.scopus.com/inward/record.url?scp=84966785443&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84966785443&partnerID=8YFLogxK

U2 - 10.1109/Trustcom.2015.438

DO - 10.1109/Trustcom.2015.438

M3 - Conference contribution

AN - SCOPUS:84966785443

SN - 9781467379519

VL - 1

SP - 710

EP - 717

BT - Proceedings - 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015

PB - Institute of Electrical and Electronics Engineers Inc.

ER -