Detecting and mitigating interest flooding attacks in content-centric network

The original architecture of content-centric networking (CCN) may suffer from interest flooding attacks. In this paper, we focus on one type of interest flooding attack called the denial of service against content source (DACS) attack. To damage CCN, it floods a large number of malicious interests requesting content that does not exist, which guarantees that no cache hit can occur at routers until these malicious interests reach the target content source; thus, it can directly exhaust the resources of the victim. To counter it, we propose a threshold-based detecting and mitigating (TDM) scheme. The basic idea is to detect a DACS attack on the basis of the frequency with which pending interest table items in CCN routers expire, recording this frequency by introducing two counters with their corresponding thresholds and one indicator for the counter mode, and to mitigate the attack by implementing a rate limiter in each router. From the viewpoint of a CCN router, we analyze the performance of TDM in terms of detection ability and effect on mitigating malicious traffic. In addition, we briefly analyze the overhead of TDM. The results show that TDM achieves high detection ability and a good effect on mitigating malicious traffic while bringing in small overhead on countering the DACS attack. To the best of our knowledge, this is the first attempt to design a detailed scheme embedded with corresponding algorithms on countering this attack. Copyright © 2013 John Wiley & Sons, Ltd.
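As an added illustration of the detection idea described in the abstract, and not the paper's own code (the paper's concrete algorithms, thresholds and parameter values are not on this page), the following Python simulation models a single CCN router that counts pending interest table (PIT) expirations per window with two counters, flips a mode indicator once both thresholds are crossed, and then rate-limits the faces that produced the expirations. The counter semantics, the per-face attribution of expirations, the sticky limiter and all numeric parameters are assumptions; the legitimate and flooding traffic is constructed.

```python
from collections import defaultdict


class TdmRouter:
    """One CCN router with a TDM-style detector (assumed design, not the paper's code).

    Counter 1 (expired_in_window) counts PIT entries that expire in the current window.
    Counter 2 (bad_windows) counts windows in which counter 1 crossed its threshold.
    The mode indicator switches the router between NORMAL and ALERT; in ALERT a
    per-face rate limiter caps the faces whose interests expired in bulk.
    """
    NORMAL, ALERT = "normal", "alert"

    def __init__(self, pit_timeout=4, window=10, expire_threshold=20,
                 persist_threshold=2, rate_limit=5):
        self.pit_timeout = pit_timeout              # ticks before a pending interest expires
        self.window = window                        # ticks per counting window
        self.expire_threshold = expire_threshold    # threshold for counter 1 (assumed)
        self.persist_threshold = persist_threshold  # threshold for counter 2 (assumed)
        self.rate_limit = rate_limit                # forwarded interests per limited face per window
        self.pit = {}                               # name -> (incoming face, creation tick)
        self.expired_in_window = 0                  # counter 1
        self.bad_windows = 0                        # counter 2
        self.mode = self.NORMAL                     # indicator for counter mode
        self.window_start = 0
        self.expired_by_face = defaultdict(int)     # expirations attributed to each face
        self.sent_by_face = defaultdict(int)        # rate-limiter state, reset per window
        self.limited_faces = set()
        self.dropped = 0

    def receive_interest(self, name, face, now):
        """Return True if the interest is forwarded (PIT entry created), False if rate-limited."""
        if self.mode == self.ALERT and face in self.limited_faces:
            if self.sent_by_face[face] >= self.rate_limit:
                self.dropped += 1
                return False
            self.sent_by_face[face] += 1
        if name not in self.pit:        # CCN aggregates duplicate pending names
            self.pit[name] = (face, now)
        return True

    def receive_data(self, name):
        """Data arrived: the matching PIT entry is consumed and never counts as expired."""
        self.pit.pop(name, None)

    def tick(self, now):
        """Advance one tick: expire stale PIT entries, then close the window if due."""
        stale = [n for n, (_, t) in self.pit.items() if now - t >= self.pit_timeout]
        for n in stale:
            face, _ = self.pit.pop(n)
            self.expired_by_face[face] += 1
        self.expired_in_window += len(stale)
        if now - self.window_start >= self.window:
            if self.expired_in_window >= self.expire_threshold:
                self.bad_windows += 1
            elif self.bad_windows > 0:
                self.bad_windows -= 1           # hysteresis: quiet windows unwind counter 2
            if self.mode == self.NORMAL and self.bad_windows >= self.persist_threshold:
                self.mode = self.ALERT
            elif self.mode == self.ALERT and self.bad_windows == 0:
                self.mode = self.NORMAL
            if self.mode == self.ALERT:         # limit only faces that caused bulk expirations
                self.limited_faces |= {f for f, c in self.expired_by_face.items()
                                       if c >= self.expire_threshold}
            else:
                self.limited_faces = set()
            self.expired_in_window = 0
            self.expired_by_face.clear()
            self.sent_by_face.clear()
            self.window_start = now
        return self.mode


def simulate(ticks=60, attack_start=15):
    """Constructed traffic: a consumer on face 0 requests existing content (data returns
    one tick later); from attack_start an attacker on face 1 floods names that do not exist."""
    r = TdmRouter()
    first_alert = None
    legit_sent = legit_ok = bad_sent = 0
    for now in range(ticks):
        for i in range(2):
            legit_sent += 1
            if r.receive_interest(f"/real/{now}/{i}", 0, now):
                legit_ok += 1
        for i in range(2):                      # last tick's legitimate requests are satisfied
            r.receive_data(f"/real/{now - 1}/{i}")
        if now >= attack_start:
            for j in range(10):
                bad_sent += 1
                r.receive_interest(f"/nonexistent/{now}/{j}", 1, now)
        if r.tick(now) == TdmRouter.ALERT and first_alert is None:
            first_alert = now
    return {"first_alert": first_alert, "legit_accept_rate": legit_ok / legit_sent,
            "malicious_sent": bad_sent, "malicious_dropped": r.dropped}


if __name__ == "__main__":
    print(simulate())
```

The consumer on face 0 is never limited because its interests are satisfied before they expire, so it contributes nothing to either counter; the flooding face is capped only after two consecutive windows cross the expiry threshold, which is the detection delay a threshold scheme accepts in exchange for fewer false alarms from transient expiry bursts.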
