Abstract
Named Data Networking (NDN) is a promising candidate for Future Internet Architecture (FIA), wherethe focus of communication is the content itself rather than the source of the requested content.NDN is one of the implementations of Information-Centric Networking (ICN). Among other salientfeatures, NDN provides intrinsic security where security is provided to the content directly, ratherthan securing the communication channel. However, despite promising features offered by NDN, itis still susceptible to various Denial of Service (DoS) attacks, mainly Interest Flooding Attacks (IFA).Various mitigation solutions exist in the literature; however, legitimate users and their traffic areusuallyaffectedbythesesolutions.Inthispaper,weproposealightweightmechanismcalledMSIDN,tomitigate sophisticated interest flooding-based DoS and Distributed DoS (DDoS) attacks in NDN. MSIDNaims to mitigate attacks at the source of communication without affecting the legitimate users. MSIDNrelies on data producers’ feedback which is used by the routers to employ precise rate-limiting andblock the attackers. Extensive simulations were conducted to evaluate the proposed MSIDN in termsof its robustness during various attack scenarios, dealing with malicious traffic without affecting thelegitimate requests, and mitigating attacks at the source side of the communication.
| Original language | English |
|---|---|
| Pages (from-to) | 293-306 |
| Number of pages | 14 |
| Journal | Future Generation Computer Systems |
| Volume | 107 |
| Early online date | 31 Jan 2020 |
| DOIs | |
| Publication status | Published - Jun 2020 |
| Externally published | Yes |
Bibliographical note
Publisher Copyright:© 2020 Elsevier B.V.
Keywords
- Denial-of-Service attacks
- Interest Flooding Attack
- NDN Security
- Named Data Networking
ASJC Scopus subject areas
- Software
- Hardware and Architecture
- Computer Networks and Communications