Proceedings ArticleDOI
An Effective and Lightweight Countermeasure Scheme to Multiple Network Attacks in NDNs
Dapeng Qu,Qu Shijun,Yang Yue,Haiying Shen +3 more
- pp 1-9
Reads0
Chats0
TLDR
This work proposes an effective and lightweight countermeasure scheme that consists of token-based router monitoring policy, hierarchical consensus-based trust management (HCT), and popularity-based probabilistic caching policy (PPC).Abstract:
In Named Data Networks, cache pollution, cache poisoning and interest flooding are three popular types of attacks that can drastically degrade the network performance. However, previous methods for mitigating these attacks are not sufficiently effective or efficient. Also, they cannot simultaneously handle the three attacks. To handle these problems, we propose an effective and lightweight countermeasure scheme. It consists of token-based router monitoring policy (TRM), hierarchical consensus-based trust management (HCT), and popularity-based probabilistic caching policy (PPC). In TRM, each edge router monitors and evaluates each data requester’s probability of launching the cache pollution attack and each data provider’s probability of launching the cache poisoning attack, and accordingly assigns, rewards and penalizes tokens to them to control their data request and data provision activities. In HCT, each core router manages its directly connected edge routers using TRM, and the core routers trust each other through adopting the concept of consensus in Blockchain. PPC uses probabilistic caching based on the popularity of received content to further mitigate the attacks and reduce caching and data verification overhead. Results from simulation experiments demonstrate that our proposed scheme has better performance, in terms of interest satisfaction ratio and average end-to-end delay than current mechanisms.read more
References
More filters
Journal ArticleDOI
Named data networking
Lixia Zhang,Alexander Afanasyev,Jeff Burke,Van Jacobson,kc claffy,Patrick Crowley,Christos Papadopoulos,Lan Wang,Beichuan Zhang +8 more
TL;DR: The NDN project investigates Van Jacobson's proposed evolution from today's host-centric network architecture (IP) to a data-centricnetwork architecture (NDN), which has far-reaching implications for how the authors design, develop, deploy, and use networks and applications.
Journal ArticleDOI
A survey of information-centric networking
TL;DR: This work compares and discusses design choices and features of proposed ICN architectures, focusing on the following main components: named data objects, naming and security, API, routing and transport, and caching.
Journal ArticleDOI
Blockchain Technologies: The Foreseeable Impact on Society and Industry
TL;DR: The authors describe blockchain’s fundamental concepts, provide perspectives on its challenges and opportunities, and trace its origins from the Bitcoin digital cash system to recent applications.
Interest flooding attack and countermeasures in Named Data Networking
TL;DR: This paper investigates effective solutions to mitigate Interest flooding and shows that NDN's inherent properties of storing per packet state on each router and maintaining flow balance provides the basis for effective DDoS mitigation algorithms.
Proceedings ArticleDOI
Poseidon: Mitigating Interest Flooding DDoS Attacks in Named Data Networking
TL;DR: It is shown that an adversary with limited resources can implement such attack, having a significant impact on network performance, and Poseidon is introduced: a framework for detecting and mitigating interest flooding attacks.