Abstract
Named-Data Networking (NDN) is the most promising architecture in the future Internet. NDN ensure high availability of contents and security of the data packet. However, it may disturb the stability and security in NDN routing such as Interest Flooding Attack (IFA). There are many existing detection and mitigation technique about IFA which labelled a non-collusive type of routing threats where it causes the PIT resources to exhausted and legitimate request could not perform in communication. Unfortunately, all the existing counter-measure mechanism could not defend the Collusive Interest Flooding Attack (CIFA). The attacks initiated with a satisfying interest and malicious data producer will reply to the corresponding request before the expiry of existing PIT entries in NDN router along the path. CIFA is classified as low rate intermittent attack which is very difficult in distinguish with legitimate requests. Thus, CIFA is more vulnerable and threatens than previous NCIFA. Moreover, there is no benchmark datasets or any public datasets to perform further experiments on detecting CIFA. Thus, there is a need to produce reliable datasets for future investigation in detection or mitigation relevant attacks in NDN.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Broberg, J., Rajkumar Buyya, Zahir Tari, MetaCDN: Harnessing Storage Clouds for high performance content delivery. Journal of Network and Computer Applications, 2009: p. pp.1012-1022.
Ganesh, V., IoT: Architectures and Security P2P vs ICN, 2017, Aalto University.
J. Pan, S.P., and R. Jain, A survey of the research on future internet architectures. 2011(IEEE Communications Magazine).
M. Amadeo, C.C., A. Iera, and A. Molinaro, Named data networking for iot: an architectural perspective. European Conference on Networks and Communications (EuCNC), 2014(IEEE): p. pp. 1-5.
Cheng Yi, A.A., Ilya Moiseenko, Lan Wang, Beichuan Zhang, Lixia Zhang, A case for stateful forwarding plane. Computer Communications, 2013. 36(7): p. pp. 779-791.
p. Konstantina, A.K., C. Joseph, C. Augustin G.Phillipa, Named Data Networking. ACM SIGCOMM Computer Communication Review, 2014. 44(3): p. 67.
Cisco, Cisco Visual Networking Index: Forecast and Trends, 2017–2022, 2019, Cisco Public: United State.
Gligor, V.D., A note on denial-of-service in operating systems. IEEE Transactions on Software Engineering, 1984. 3: p. pp. 320–324.
Needham, R.M., Denial of service: an example. Communications of the ACM, 1994. 11: p. pp. 42–46.
Reo, J. Small DDoS Attacks Cause Big Problems. 2016 [cited 2018 12 December]; Available from: https://www.corero.com/blog/740-small-ddos-attacks-cause-big-problems.html.
Eslam G. AbdAllah, H.S.H.a.M.Z., A Survey of Security Attacks in Information-Centric Networking. IEEE COMMUNICATION SURVEYS & TUTORIALS, 2015. 17(3): p. pp. 1441-1454.
Eslam G AbdAllah, H.S.H., Mohammad Zulkernine, A Survey of Security Attacks in Information-Centric Networking. IEEE COMMUNICATION SURVEYS & TUTORIALS, 2015. 17(3): p. pp. 1441 - 1454.
François-Xavier Aguessy, F.R., Théo Combe, Edgardo Montes de Oca, Wissam Mallouli, Guillaume Doyen, Tan Nguyen, Rémi Cogranne, Thibault Cholez, Xavier Marchal, Security analysis of the virtualized NDN architecture. Deployment and securisation of new functionalities in virtualized networking environnements, 2016.
V. Jacobson, D.K.S., J. D. Thornton, M. F. Plass, N. H. Briggs, R. L. Braynard. Networking named content. in 5th international conference on Emerging networking experiments and technologies. 2009. ACM.
Lauinger, T., Security & scalability of content-centric networking, 2010, TU Darmstadt.
M. Wahlisch, T.C.S., M. Vahlenkamp, Lessons from the past: Why data-driven states harm future information-centric networking. IFIP Networking Conference, 2013: p. pp. 1-9.
Tan N. Nguyen, R.C., Guillaume Doyen and Florent Retraint ´, Detection of Interest Flooding Attacks in Named Data Networking using Hypothesis Testing. IEEE International Workshop on Information Forensics and Security (WIFS), 2015.
Hani Salah, J.W., Thorsten Strufe, Coordination Supports Security: A New Defence Mechanism Against Interest Flooding in NDN. 40th Annual IEEE Conference on Local Computer Networks, 2015: p. pp. 73-81.
L. Zhang, D.E., J. Burke, V. Jacobson, J. D.Thornton, D. K. Smetters, B. Zhang, G. Tsudik, D. Massey, C. Papadopoulos et al., Named data networking (NDN) project, in Relat´orio T´ecnico NDN-00012010, Xerox Palo Alto Research Center-PARC.
Tan NGUYEN, R.C., Guillaume DOYEN, An Optimal Statistical Test for Robust Detection against Interest Flooding Attacks in CCN. IFIP/IEEE International Symposium on Integrated Network Management (IM2015), 2015: p. pp. 253-260.
Hani Salah, T.S., Evaluating and Mitigating a Collusive Version of the Interest Flooding Attack in NDN. IEEE Symposium on Computers and Communication (ISCC), 2016.
Yonghui Xin, Y.L., Wei Wang, Weiyuan Li, Xin Chen, Detection of collusive interest flooding attacks in named data networking using wavelet analysis. IEEE Military Communications Conference (MILCOM), 2017.
Paolo Gasti, G.T., Ersin Uzun, Lixia Zhang, DoS & DDoS in Named-Data Networking, in Computer Science - Networking and Internet Architecture, Cryptography and Security2012, Harvard University.
J. Tang, Z.Z., Y. Liu, and H. Zhang, Identifying Interest flooding in Named Data Networking. Green Computing and Communications and Cyber, Physical and Social Computing, 2013(IEEE): p. pp. 306-310.
K. Wang, H.Z., Y. Qin, J. Chen, and H. Zhang, Decoupling malicious interests from pending interest table to mitigate interest flooding attacks. Globecom Workshops (GC Wkshps), 2013: p. pp. 963-968.
K. Wang, H.Z., H. Luo, J. Guan, Y. Qin, and H. Zhang, Detecting and mitigating interest flooding attacks in content-centric network. Security and Communication Networks, 2014. 7(4): p. pp. 685-699.
H. Dai, Y.W., J. Fan, and B. Liu, Mitigate DDoS attacks in NDN by interest traceback. IEEE INFOCOM, 2013(NOMEN Workshop).
Amin Karami, M.G.-Z., A hybrid multiobjective RBF-PSO method for mitigating DoS attacks in Named Data Networking. Neurocomputing, 2015(Elsevier): p. pp. 1262-1282.
Naveen Kumar, A.K.S.a.S.S., Evaluating Machine Learning Algorithms for Detection of Interest Flooding Attack in Named Data Networking. International Conference on Security of Information and Networks, 2017. 10.
M. Wahlisch, T.C.S., M. Vahlenkamp, Backscatter from the data plane–threats to stability and security in information-centric network infrastructure. Elsevier Computer Networks, 2013.
Cesar Ghali, G.T., Ersin Uzun, Christopher A. Wood, Living in a PIT-less World: A Case Against Stateful Forwarding in Content-Centric Networking, in Computer Science - Networking and Internet Architecture2015, Cornell University.
Shigeyasu, T., Sonoda, Ayaka, Distributed Approach for Detecting Collusive Interest Flooding Attack on Named Data Networking. International Conference on Network-Based Information Systems (NBiS), 2019. 21.
Acknowledgement
The authors would like to thank Universiti Malaysia Sabah for funding this research project entitled “Designing a Rule-based Mechanism to Detect the Flash Crowd Attacks During Flash Events” under the SGPUMS-SPBK grant (SBK0359-2017).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Lee, RT., Leau, YB., Park, YJ., Obit, J.H. (2020). A Perspective Towards NCIFA and CIFA in Named-Data Networking Architecture. In: Alfred, R., Lim, Y., Haviluddin, H., On, C. (eds) Computational Science and Technology. Lecture Notes in Electrical Engineering, vol 603. Springer, Singapore. https://doi.org/10.1007/978-981-15-0058-9_46
Download citation
DOI: https://doi.org/10.1007/978-981-15-0058-9_46
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-0057-2
Online ISBN: 978-981-15-0058-9
eBook Packages: EngineeringEngineering (R0)