A Reputation Value-Based Early Detection Mechanism Against the Consumer-Provider Collusive Attack in Information-Centric IoT

As the Internet of Things (IoT) has connected large number of devices to the Internet, it is urgently needed to guarantee the low latency, security, scalable content distribution of the IoT network. The benefits of Information-Centric Networking (ICN) in terms of fast and efficient data delivery and improved reliability have raised ICN as a highly promising networking model for IoT environments. However, with the widely spread of the viruses and the explosion of kinds of network devices, the attackers can easily control the devices to form a botnet such as the Mirai. Once the devices are under control, the attackers can launch a consumer-provider collusive attack in the Information-Centric IoT context. In this attack, the malicious clients issue Interest packets that can only be satisfied by the malicious content provider, and the malicious provider replies to the clients just before exceeding the Pending Interest Table entry’s expiration time, to occupy the limited resources. In this paper, we expound the model of the consumer-provider collusive attack and analyze the negative effect of the attack. Then we propose a Reputation Value based Early Detection (RVED) mechanism to relieve the impact of the collusive attack. The method aims to adjust the packet dropping rates of different interfaces based on their reputation value, thus to protect the legitimate packets from being dropped as possible. We implement the consumer-provider collusive model and evaluate our defend mechanism in the simulator, and simulation results verify the feasibility and effectiveness against the collusive attack of the RVED mechanism.

[1]  Sergey Andreev,et al.  Vehicle-Based Relay Assistance for Opportunistic Crowdsensing Over Narrowband IoT (NB-IoT) , 2018, IEEE Internet of Things Journal.

[2]  Ying Liu,et al.  An Entropy-SVM Based Interest Flooding Attack Detection Method in ICN , 2018, 2018 IEEE 88th Vehicular Technology Conference (VTC-Fall).

[3]  Brunilde Sansò,et al.  Traffic characterization and LTE performance analysis for M2M communications in smart cities , 2017, Pervasive Mob. Comput..

[4]  Andrzej Jajszczyk,et al.  Analytical Models for Multi-RED Queues Serving as Droppers in DiffServ Networks , 2007, IEEE GLOBECOM 2007 - IEEE Global Telecommunications Conference.

[5]  Konstantinos Psounis,et al.  CHOKe - a stateless active queue management scheme for approximating fair bandwidth allocation , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).

[6]  Hani Salah,et al.  Evaluating and mitigating a Collusive version of the Interest Flooding Attack in NDN , 2016, 2016 IEEE Symposium on Computers and Communication (ISCC).

[7]  Nikos Fotiou,et al.  A Survey of Information-Centric Networking Research , 2014, IEEE Communications Surveys & Tutorials.

[8]  Igor M. Moraes,et al.  Analyzing the producer-consumer collusion attack in Content-Centric Networks , 2016, 2016 13th IEEE Annual Consumer Communications & Networking Conference (CCNC).

[9]  Chengyu Fan,et al.  Bridging the ICN Deployment Gap with IPoC: An IP-over-ICN protocol for 5G Networks , 2018, NEAT@SIGCOMM.

[10]  Hiroshi Shigeno,et al.  Cache Control Method Mitigating Packet Concentration of Router Caused by Interest Flooding Attack , 2016, 2016 IEEE Trustcom/BigDataSE/ISPA.

[11]  Jun Wu,et al.  Making Knowledge Tradable in Edge-AI Enabled IoT: A Consortium Blockchain-Based Efficient and Incentive Approach , 2019, IEEE Transactions on Industrial Informatics.

[12]  Luigi Alfredo Grieco,et al.  A secure ICN-IoT architecture , 2017, 2017 IEEE International Conference on Communications Workshops (ICC Workshops).

[13]  Ratul Mahajan,et al.  Measuring ISP topologies with Rocketfuel , 2004, IEEE/ACM Transactions on Networking.

[14]  Satyajayant Misra,et al.  LASeR: Lightweight Authentication and Secured Routing for NDN IoT in Smart Cities , 2017, IEEE Internet of Things Journal.

[15]  Marimuthu Palaniswami,et al.  Internet of Things (IoT): A vision, architectural elements, and future directions , 2012, Future Gener. Comput. Syst..

[16]  Jonathan Loo,et al.  Hierarchical and Flat-Based Hybrid Naming Scheme in Content-Centric Networks of Things , 2018, IEEE Internet of Things Journal.

[17]  Brahim Bensaou,et al.  Inferring and Controlling Congestion in CCN via the Pending Interest Table Occupancy , 2016, 2016 IEEE 41st Conference on Local Computer Networks (LCN).

[18]  Sally Floyd,et al.  Adaptive RED: An Algorithm for Increasing the Robustness of RED's Active Queue Management , 2001 .

[19]  J. K. Kalita,et al.  Botnet in DDoS Attacks: Trends and Challenges , 2015, IEEE Communications Surveys & Tutorials.

[20]  Jeongho Kwak,et al.  Hybrid Content Caching in 5G Wireless Networks: Cloud Versus Edge Caching , 2018, IEEE Transactions on Wireless Communications.

[21]  Yi Zhou,et al.  Understanding the Mirai Botnet , 2017, USENIX Security Symposium.

[22]  Amit P. Sheth,et al.  Toward Practical Privacy-Preserving Analytics for IoT and Cloud-Based Healthcare Systems , 2018, IEEE Internet Computing.

[23]  Yang Li,et al.  Detection of collusive interest flooding attacks in named data networking using wavelet analysis , 2017, MILCOM 2017 - 2017 IEEE Military Communications Conference (MILCOM).

[24]  Alexander Afanasyev,et al.  On the Evolution of ndnSIM , 2017, Comput. Commun. Rev..

[25]  Hongbin Luo,et al.  A Gini Impurity-Based Interest Flooding Attack Defence Mechanism in NDN , 2018, IEEE Communications Letters.

[26]  Byung-Seo Kim,et al.  Information-Centric Networking With Edge Computing for IoT: Research Challenges and Future Directions , 2018, IEEE Access.

[27]  Huaiyu Dai,et al.  A Survey on Low Latency Towards 5G: RAN, Core Network and Caching Solutions , 2017, IEEE Communications Surveys & Tutorials.

[28]  Meng Zhao,et al.  IoT lighting: Towards a connected building eco-system , 2018, 2018 IEEE 4th World Forum on Internet of Things (WF-IoT).

[29]  Seungjun Yeon,et al.  Issues and Implementation Strategies of the IoT (Internet of Things) Industry , 2016, IMIS.

[30]  Hiroshi Shigeno,et al.  Interest Flow Control Method Based on User Reputation and Content Name Prefixes in Named Data Networking , 2015, 2015 IEEE Trustcom/BigDataSE/ISPA.

[31]  Janaka Wijekoon,et al.  FROG: A Packet Hop Count based DDoS Countermeasure in NDN , 2018, 2018 IEEE Symposium on Computers and Communications (ISCC).

[32]  Jonathan Loo,et al.  Recent Advances in Information-Centric Networking-Based Internet of Things (ICN-IoT) , 2017, IEEE Internet of Things Journal.

[33]  Khalil Drira,et al.  Cache coherence in Machine-to-Machine Information Centric Networks , 2015, 2015 IEEE 40th Conference on Local Computer Networks (LCN).

[34]  Jungha Hong Challenges of name resolution service for information centric networking toward IoT , 2016, 2016 International Conference on Information and Communication Technology Convergence (ICTC).

[35]  Mohsen Guizani,et al.  Semisupervised Deep Reinforcement Learning in Support of IoT and Smart City Services , 2018, IEEE Internet of Things Journal.

[36]  Hongke Zhang,et al.  BLAM: Lightweight Bloom-Filter Based DDoS Mitigation for Information-Centric IoT , 2018, 2018 IEEE Global Communications Conference (GLOBECOM).

[37]  James M. Lucas,et al.  Exponentially weighted moving average control schemes: Properties and enhancements , 1990 .

[38]  Igor M. Moraes,et al.  Cache nFace: a simple countermeasure for the producer-consumer collusion attack in Named Data Networking , 2019, Ann. des Télécommunications.

[39]  Ruidong Li,et al.  A Distributed Publisher-Driven Secure Data Sharing Scheme for Information-Centric IoT , 2017, IEEE Internet of Things Journal.

[40]  Dohyung Kim,et al.  ICN-Based Light-Weighted Mobility Support in IoT , 2018, 2018 27th International Conference on Computer Communication and Networks (ICCCN).

[41]  Mohammed Atiquzzaman,et al.  DSRED: an active queue management scheme for next generation networks , 2000, Proceedings 25th Annual IEEE Conference on Local Computer Networks. LCN 2000.

[42]  Radu State,et al.  Advanced interest flooding attacks in named-data networking , 2017, 2017 IEEE 16th International Symposium on Network Computing and Applications (NCA).