Named-Data Networking (NDN) is a promising architecture for future Internet. However, routers and content providers in NDN can be targets for a new DDoS attack called the Interest Flooding Attack (IFA). As a consequence, affected routers drop legitimate interest packets. We argue that IFA can be defended effectively when it is detected and mitigated, at early stage, based on timely and aggregated information of exchanged packets and forwarding states. Towards this end, we adapt CoMon, a framework that we developed formerly to coordinate caching-related decisions in NDN. This choice is motivated by CoMon's proven ability to realize efficient, yet lightweight, coordination. A preliminary evaluation confirms the effectiveness of our solution against IFAs.
[1]
Cisco Visual Networking Index: Forecast and Methodology 2016-2021.(2017) http://www.cisco.com/c/en/us/solutions/collateral/service-provider/visual- networking-index-vni/complete-white-paper-c11-481360.html. High Efficiency Video Coding (HEVC) Algorithms and Architectures https://jvet.hhi.fraunhofer.
,
2017
.
[2]
Bin Liu,et al.
Mitigate DDoS attacks in NDN by interest traceback
,
2013,
2013 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).
[3]
Hani Salah,et al.
CoMon: An architecture for coordinated caching and cache-aware routing in CCN
,
2015,
2015 12th Annual IEEE Consumer Communications and Networking Conference (CCNC).
[4]
Ratul Mahajan,et al.
Measuring ISP topologies with Rocketfuel
,
2004,
IEEE/ACM Transactions on Networking.
[5]
Van Jacobson,et al.
Networking named content
,
2009,
CoNEXT '09.
[6]
Priya Mahadevan,et al.
Interest flooding attack and countermeasures in Named Data Networking
,
2013,
2013 IFIP Networking Conference.