Login
Register
Submit a Paper
Propose a Special lssue
Open Access
ARTICLE
Research on Detection Method of Interest Flooding Attack in Named Data Networking
1 Beijing Key Laboratory of Internet Culture and Digital Dissemination Research, Beijing, 100101, China
2 Computer School, Beijing Information Science and Technology University, Beijing, 100101, China
3 Department of Information Science, University of Arkansas at Little Rock, Little Rock, 72204, USA
* Corresponding Author: Yabin Xu. Email:
Intelligent Automation & Soft Computing 2021, 30(1), 113-127. https://doi.org/10.32604/iasc.2021.018895
Received 24 March 2021; Accepted 25 April 2021; Issue published 26 July 2021
View Full Text
Download PDFAbstract
In order to effectively detect interest flooding attack (IFA) in Named Data Networking (NDN), this paper proposes a detection method of interest flooding attack based on chi-square test and similarity test. Firstly, it determines the detection window size based on the distribution of information name prefixes (that is information entropy) in the current network traffic. The attackers may append arbitrary random suffix to a certain prefix in the network traffic, and then send a large number of interest packets that cannot get the response. Targeted at this problem, the sensitivity of chi-square test is used to detect the change of prefix of interest packets. Interest packets initiated by IFA attackers are usually attached to a real prefix, but with a randomly generated suffix attached. Taking into account of this problem, the similarity of interest packet prefixes is further detected. Finally, the detection results of the two aspects are combined to determine whether interest flooding attack has occurred or not. In addition, according to the symmetric routing characteristic of Pending Interest Table (PIT), we also send the forged interest packet back to the attacker, and then restrict the corresponding port of the attacker, so as to effectively suppress the IFA attack. The experimental results show that the method we proposed can not only detect IFA in NDN at the beginning of the attack, but also is more accurate and effective than other methods.Keywords
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Downloads
Citation Tools
