Cache control method mitigating packet concentration of router caused by interest flooding attack

Ryoki Shinohara, Takashi Kamimoto, Kazuya Sato, Hiroshi Shigeno

研究成果: Conference contribution

8 被引用数 (Scopus)

抄録

Interest Flooding Attack (IFA) is one of the problems in Named Data Networking (NDN). In IFA, attackers send an excessive number of requests for non-existing contents, so it makes PIT overflow. It prevents normal users from retrieving Data packets. Pushback mechanism is a representative countermeasure against IFA in NDN. Pushback, however, limits Interest packets at routers near the server, so it also limits normal Interest packets. ICRP is another countermeasure against IFA. In ICRP, edge routers detect attackers and limit Interest packets from attackers. ICRP does not limit normal Interest packets, but each router needs to know the overall structure of the network to confirm whether it is an edge router by itself. In this paper, we propose an Interest flow balancing method focused on the number of requests on Named Data Networking, called IFBN. IFBN aims at decreasing the number of records in PIT from attackers and recovering the number of Data packets that normal users can retrieve. First, routers calculate reputation values for each interface. The reputation value is a proportion of the number of retrieved Data packets to the number of Interest packets forwarded for each interface. In addition to reputation values, routers refer to PIT and check the number of information from each interface. The router concludes that the interface that uses most capacity of PIT is forwarded attack Interest packets. The router does not record information of Interest packets from affected interface in PIT. Therefore, IFBN does not record only information of attack Interest packets without limiting normal Interest packets. We evaluate IFBN by simulation, and confirm IFBN can limit only attack Interest packets.

本文言語English
ホスト出版物のタイトルProceedings - 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 10th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Symposium on Parallel and Distributed Processing with Applications, IEEE TrustCom/BigDataSE/ISPA 2016
出版社Institute of Electrical and Electronics Engineers Inc.
ページ324-331
ページ数8
ISBN(電子版)9781509032051
DOI
出版ステータスPublished - 2017 2 7
イベントJoint 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 10th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Symposium on Parallel and Distributed Processing with Applications, IEEE TrustCom/BigDataSE/ISPA 2016 - Tianjin, China
継続期間: 2016 8 232016 8 26

Other

OtherJoint 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 10th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Symposium on Parallel and Distributed Processing with Applications, IEEE TrustCom/BigDataSE/ISPA 2016
CountryChina
CityTianjin
Period16/8/2316/8/26

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications
  • Hardware and Architecture
  • Information Systems
  • Safety, Risk, Reliability and Quality

フィンガープリント 「Cache control method mitigating packet concentration of router caused by interest flooding attack」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル