MSIDN: Mitigation of Sophisticated Interest flooding-based DDoS attacks in Named Data Networking

Ahmed Benmousa, Abdou el Karim Tahari, Chaker Abdelaziz Kerrache, Nasreddine Lagraa, Abderrahmane Lakas, Rasheed Hussain, Farhan Ahmad

Research output: Contribution to journalArticle

2 Citations (Scopus)

Abstract

Named Data Networking (NDN) is a promising candidate for Future Internet Architecture (FIA), wherethe focus of communication is the content itself rather than the source of the requested content.NDN is one of the implementations of Information-Centric Networking (ICN). Among other salientfeatures, NDN provides intrinsic security where security is provided to the content directly, ratherthan securing the communication channel. However, despite promising features offered by NDN, itis still susceptible to various Denial of Service (DoS) attacks, mainly Interest Flooding Attacks (IFA).Various mitigation solutions exist in the literature; however, legitimate users and their traffic areusuallyaffectedbythesesolutions.Inthispaper,weproposealightweightmechanismcalledMSIDN,tomitigate sophisticated interest flooding-based DoS and Distributed DoS (DDoS) attacks in NDN. MSIDNaims to mitigate attacks at the source of communication without affecting the legitimate users. MSIDNrelies on data producers’ feedback which is used by the routers to employ precise rate-limiting andblock the attackers. Extensive simulations were conducted to evaluate the proposed MSIDN in termsof its robustness during various attack scenarios, dealing with malicious traffic without affecting thelegitimate requests, and mitigating attacks at the source side of the communication.
Original languageEnglish
Pages (from-to)293-306
Number of pages14
JournalFuture Generation Computer Systems
Volume107
Early online date31 Jan 2020
DOIs
Publication statusPublished - Jun 2020
Externally publishedYes

Keywords

  • Named Data Networking
  • Denial-of-Service attacks
  • Interest Flooding Attack
  • NDN Security

Fingerprint Dive into the research topics of 'MSIDN: Mitigation of Sophisticated Interest flooding-based DDoS attacks in Named Data Networking'. Together they form a unique fingerprint.

  • Cite this