Content-Centric Networking: Effect of Content Caching on Mitigating DoS Attack

Content-Centric Networking (CCN) is a novel networking paradigm that makes named data, rather than IP addresses, the first-class entity. That is, it cares about which data to fetch rather than which host to reach. One key feature of CCN is content caching: CCN routers cache named content instead of IP addresses, which makes the effect of a Denial-of-Service (DoS) attack different from that in TCP/IP networking. In this paper, we propose a DoS attack model for CCN. Using model evaluations and NS2 simulations, we compare CCN with TCP/IP networking to show the effectiveness of CCN's content caching in limiting DoS attacks. In addition, we analyze how the content caching Time-To-Live (TTL) in CCN affects DoS attacks. Both sets of results show that CCN has better survivability and resilience than TCP/IP networking when suffering a DoS attack and larger content caching
