首页> 外文期刊>International journal of communication systems >Cooperative detection and protection for Interest flooding attacks in named data networking
【24h】

Cooperative detection and protection for Interest flooding attacks in named data networking

机译:命名数据网络中兴趣泛洪攻击的协作检测和保护

获取原文
获取原文并翻译 | 示例
获取外文期刊封面目录资料

摘要

Named data networking (NDN) is a new emerging architecture for future network, which may be a substitute of the current TCP/IP-based network, for the content-oriented data request mode becoming the future trend of development. The security of NDN has attracted much attention, as an implementation of next-generation Internet architecture. Although NDN is immune to most current attack, it cannot resist the distributed denial of service like attack – Interest flooding attack (IFA) – effectively. IFA takes advantages of the forwarding mechanism of NDN, flooding a large number of malicious Interest packets at quite a high rate, and exploits the network resources, which may cause the paralysis of the network. Taking into account the severity of the destruction, we propose an algorithm to counter such new type of attack. We analyze three properties of IFA, and use them to judge and filter Interest packets. Vector space model and Markov model are used in our method to realize a cooperative detection. Meanwhile, we present the retransmission forwarding mechanism to ensure legitimate user request. The ndnSIM module of ns3 is used for the corresponding simulation, and results of the simulation will be given to show the effectiveness of our algorithm. Copyright © 2014 John Wiley & Sons, Ltd.
机译:命名数据网络(NDN)是面向未来网络的新兴体系结构,它可以替代当前基于TCP / IP的网络,而面向内容的数据请求模式已成为未来的发展趋势。作为下一代Internet体系结构的实现,NDN的安全性引起了广泛关注。尽管NDN不受大多数​​当前攻击的影响,但它无法有效抵抗分布式攻击(例如兴趣泛滥攻击(IFA))拒绝服务。 IFA利用NDN的转发机制,以很高的速率泛洪大量的恶意兴趣数据包,并利用网络资源,这可能会导致网络瘫痪。考虑到破坏的严重性,我们提出了一种应对这种新型攻击的算法。我们分析了IFA的三个属性,并使用它们来判断和过滤兴趣包。该方法利用向量空间模型和马尔可夫模型来实现协同检测。同时,我们提出了重传转发机制,以确保合法的用户请求。 ns3的ndnSIM模块用于相应的仿真,仿真结果将给出以证明我们算法的有效性。版权所有©2014 John Wiley&Sons,Ltd.

著录项

  • 来源
    《International journal of communication systems》 |2016年第13期|1968-1980|共13页
  • 作者单位

    Beijing Jiaotong University School of Electronic and Information Engineering Beijing Beijing China;

    Key Laboratory of Communication and Information Systems Beijing Jiaotong University Beijing Municipal Commission of Education Beijing China;

    Beijing Jiaotong University School of Electronic and Information Engineering Beijing Beijing China;

    Key Laboratory of Communication and Information Systems Beijing Jiaotong University Beijing Municipal Commission of Education Beijing China;

    Beijing Jiaotong University School of Electronic and Information Engineering Beijing Beijing China;

    Key Laboratory of Communication and Information Systems Beijing Jiaotong University Beijing Municipal Commission of Education Beijing China;

    Beijing Jiaotong University School of Electronic and Information Engineering Beijing Beijing China;

    Key Laboratory of Communication and Information Systems Beijing Jiaotong University Beijing Municipal Commission of Education Beijing China;

    Beijing Jiaotong University School of Electronic and Information Engineering Beijing Beijing China;

    Key Laboratory of Communication and Information Systems Beijing Jiaotong University Beijing Municipal Commission of Education Beijing China;

  • 收录信息 美国《科学引文索引》(SCI);美国《工程索引》(EI);
  • 原文格式 PDF
  • 正文语种 eng
  • 中图分类
  • 关键词

    named data networking; Interest flooding attack; vector space model; Markov chain; next‐generation network communication system;

    机译:命名数据网络;泛洪攻击;向量空间模型;马尔可夫链;下一代网络通信系统;

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有
  • 客服微信

  • 服务号